Hi all,
I have the following directive in my ossec.conf:
email_alerts
email_tom...@mydomain.com/email_to
rule_id300042/rule_id
do_not_delay /
do_not_group /
/email_alerts
This, I would assume, should only send the email of the 300042
triggered event. Correct?
If so, it
On Tue, Feb 8, 2011 at 2:50 PM, jplee3 jpl...@gmail.com wrote:
Hi all,
I have the following directive in my ossec.conf:
email_alerts
email_tom...@mydomain.com/email_to
rule_id300042/rule_id
do_not_delay /
do_not_group /
/email_alerts
This, I would assume, should only
What is the directive again for disabling grouping?
On Tue, Feb 8, 2011 at 11:52 AM, dan (ddp) ddp...@gmail.com wrote:
On Tue, Feb 8, 2011 at 2:50 PM, jplee3 jpl...@gmail.com wrote:
Hi all,
I have the following directive in my ossec.conf:
email_alerts
On Tue, Feb 8, 2011 at 3:05 PM, Jeremy Lee jpl...@gmail.com wrote:
What is the directive again for disabling grouping?
Look in /var/ossec/etc/internal_options.conf .
# Maild grouping (0=disabled, 1=enabled)
# Groups alerts within the same e-mail.
maild.groupping=1
I'm sure there's a better