I'd like to clarify and add that the OSSEC server hosts Location field in
discosco ossec: Alert Level: 10; Rule: 5712 - SSHD brute force trying
to get access to the system.; Location: discosco->/var/log/secure;
srcip: 72.55.156.23; Apr 12 22:35:40 cricket-dev sshd[19838]: Invalid
user recruit fro
Hello Dan,
Would you mind pointing to me which subroutine of which module I
should modify? Your answer does not need to be exact - as long as I
don't have to wade through the entire code :)
I told my boss I wanted to make the change on my own time but my boss
was gracious about it :)
On May 6, 3
Hello Dan,
At this point, I know what changes in the source code I want to make
and where in the source code I want to make them.
I want to run these changes by you to make sure that:
(1) they do what I want done, which is to make the format of those
syslog alerts whose source is the OSSEC serv
I don't know the answer to that. I haven't looked at the code far
enough in depth for that.
I'd start by looking in src/os_csyslogd
On Mon, May 9, 2011 at 12:20 PM, blacklight wrote:
> Hello Dan,
>
> Would you mind pointing to me which subroutine of which module I
> should modify? Your answer doe