Hi,
Fantastic thanks, just what I was after.
--
Andy
On 17 February 2014 16:49, Andy Smith <[email protected]> wrote:
> Hi,
>
> I have a trivial use case where I have SEC analyzing application logs on
> native Windows platforms. So far it is working well with my configuration
> being no more complex than a bunch of 'singles' notifying about different
> types of badstuff identified by RegExp.
>
> I want to add a rule so that if no badstuff occurred in, let's say, 300
> seconds, it should report an 'All Clear'. Also, a node may go unused for
> days at a time with no input being added to the log and I wanted to cater
> for this as well, issuing the same 5 minute all clear.
>
> I have looked at the sample rules identified in
> http://www.cs.umb.edu/~rouilj/sec/rulesets/Readme.txt and I can see bits
> of what I want, but my lack of familiarity at the moment has led to a few
> dead ends when I try and implement anything. Can someone help with some
> pointers please, can I even achieve what I want if no lines are added to
> the log?
>
> Thanks
> --
> Andy
>
_______________________________________________
Simple-evcorr-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users