Guys I am staring at this:
<!-- Directories to check (perform all possible verifications) -->
<directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories>
<directories check_all="yes">/bin,/sbin</directories>
Does anyone know where I can change the default alert level for those
directories above - I want to modify changes to the above to Alert Level 14?
Basically, I am hooking OSSEC into Nagios alerting with a shell script but
I only want to be alerted (hook into Nagios) at Level 14 or above.
Is there a way I can do it in the standard config file:
/var/ossec/etc/ossec.conf
I would prefer not to modify anything in the rules directory but just have
any mods in the same place in the standard config file.
Cheers,
Tahir
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
