Well I have seen the dump file generated after sending a SIGUSR1 signal to SEC
, the problem is that I can't identify which one here is the key for
correlation..
is this the one
Rule 1 Line 5 matched 2 events ($0)
is the $0 the key??
and another question what does %% and %u mean? i assume %s means the string and
%t means time
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Simple-evcorr-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users
