Guys I am staring at this: <!-- Directories to check (perform all possible verifications) --> <directories check_all="yes">/etc,/usr/bin,/usr/sbin</directories> <directories check_all="yes">/bin,/sbin</directories>
Does anyone know where I can change the default alert level for those directories above - I want to modify changes to the above to Alert Level 14? Basically, I am hooking OSSEC into Nagios alerting with a shell script but I only want to be alerted (hook into Nagios) at Level 14 or above. Is there a way I can do it in the standard config file: /var/ossec/etc/ossec.conf I would prefer not to modify anything in the rules directory but just have any mods in the same place in the standard config file. Cheers, Tahir -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.