On Thu, Jan 21, 2010 at 11:14 AM, Dennis Golden
dgol...@golden-consulting.com wrote:
I have discovered a serious problem with the subject rules. here is the result
running ossec-logtest:
--
Dennis Golden2010/01/21 09:49:16 ossec-testrule: INFO: Started (pid: 20196).
ossec-testrule: Type one
- Dennis Golden dgol...@golden-consulting.com wrote:
I have discovered a serious problem with the subject rules. here is
the result
running ossec-logtest:
--
Dennis Golden2010/01/21 09:49:16 ossec-testrule: INFO: Started (pid:
20196).
ossec-testrule: Type one log per line.
dan (ddp) wrote:
On Thu, Jan 21, 2010 at 11:14 AM, Dennis Golden
dgol...@golden-consulting.com wrote:
I have discovered a serious problem with the subject rules. here is the
result
running ossec-logtest:
--
Dennis Golden2010/01/21 09:49:16 ossec-testrule: INFO: Started (pid: 20196).
dan (ddp) wrote:
On Thu, Jan 21, 2010 at 11:14 AM, Dennis Golden
dgol...@golden-consulting.com wrote:
I have discovered a serious problem with the subject rules. here is the
result
running ossec-logtest:
--
Dennis Golden2010/01/21 09:49:16 ossec-testrule: INFO: Started (pid: 20196).
--[ UxBoD ]-- wrote:
- Dennis Golden dgol...@golden-consulting.com wrote:
I have discovered a serious problem with the subject rules. here is
the result
running ossec-logtest:
--
Dennis Golden2010/01/21 09:49:16 ossec-testrule: INFO: Started (pid:
20196).
ossec-testrule: Type one
On Fri, Jan 22, 2010 at 9:40 AM, Dennis Golden
dgol...@golden-consulting.com wrote:
This is openSUSE 11.0. I've modified it to work here, but it won't work for
messages that are in the format you have in the example.
Regards,
Dennis
--
Dennis Golden
Golden Consulting Services, Inc.
I have discovered a serious problem with the subject rules. here is the result
running ossec-logtest:
--
Dennis Golden2010/01/21 09:49:16 ossec-testrule: INFO: Started (pid: 20196).
ossec-testrule: Type one log per line.
**Phase 1: Completed pre-decoding.
full event: 'Jan 20 21:45:23
