[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-cvs] ossec-hids: README (HEAD) [dcid]

To: ossec-cvs@xxxxxxxxx
Subject: [ossec-cvs] ossec-hids: README (HEAD) [dcid]
From: OSSEC CVS <cvs-commit@xxxxxxxxx>
Date: Sat, 18 Aug 2007 00:43:38 -0300 (ADT)
Authentication-results: mx.google.com; spf=pass (google.com: domain of dcid+caf_=ossec-cvs=googlegroups.com@xxxxxxxxx designates 66.249.82.233 as permitted sender) smtp.mail=dcid+caf_=ossec-cvs=googlegroups.com@xxxxxxxxx
Authentication-results: mx.google.com; spf=neutral smtp.mail=dcid@xxxxxxxxxxxxxxxx
Content-transfer-encoding: 8bit

Module name:	ossec-hids
Changes by:	dcid	07/08/18 00:43:35

Modified files:
	README

Log message:
Description: Small fix to the readme..
Reviewed by: dcid
Bug:

Index: README
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/os_dbd/README,v
diff -u -r1.1 -r1.2
--- README	18 Aug 2007 03:38:34 -0000	1.1
+++ README	18 Aug 2007 03:43:35 -0000	1.2
@@ -28,13 +28,15 @@
 
 6- View all alerts, including locations (IP as string and time as string):
 
->SELECT FROM_UNIXTIME(timestamp) time, rule_id,location.name location, full_log FROM alert,location, data WHERE location.id = alert.location_id;
+>SELECT FROM_UNIXTIME(timestamp) time, rule_id,location.name location, INET_NTOA(src_ip) srcip, full_log FROM alert,location, data WHERE location.id = alert.location_id AND data.id = alert.id AND data.server_id = alert.server_id;
 
 Output:
 
-+---------------------+---------+---------------------------+-----------------------------------------------------+
-| time                | rule_id | location                  | full_log                                            |
-+---------------------+---------+---------------------------+-----------------------------------------------------+
-| 2007-08-18 00:28:49 |    1002 | enigma->/var/log/messages | Aug 18 00:28:49 enigma dcid: Segmentation Fault 1q2 |
-+---------------------+---------+---------------------------+-----------------------------------------------------+
++---------------------+---------+---------------------------+--------------+--------------------------------------------------------------------------------------------------+
+| time                | rule_id | location                  | srcip        | full_log                                                                                         |
++---------------------+---------+---------------------------+--------------+--------------------------------------------------------------------------------------------------+
+| 2007-08-18 00:28:49 |    1002 | enigma->/var/log/messages | 0.0.0.0      | Aug 18 00:28:49 enigma dcid: Segmentation Fault 1q2                                              |
+| 2007-08-18 00:38:06 |    5715 | enigma->/var/log/authlog  | 192.168.2.10 | Aug 18 00:38:02 enigma sshd[24284]: Accepted password for dcid from 192.168.2.10 port 34631 ssh2 |
+| 2007-08-18 00:38:21 |    5715 | enigma->/var/log/authlog  | 192.168.2.10 | Aug 18 00:38:15 enigma sshd[20749]: Accepted password for dcid from 192.168.2.10 port 35755 ssh2 |
++---------------------+---------+---------------------------+--------------+--------------------------------------------------------------------------------------------------+

Prev by Date: [ossec-cvs] ossec-hids: dbd-config.h (HEAD) [dcid]
Next by Date: [ossec-cvs] ossec-hids: README (NEW) alert.c (NEW) db_op.c (HEAD) dbd.c (HEAD) dbd.h (HEAD) main.c (HEAD) mysql.schema (HEAD) rules.c (HEAD) server.c (HEAD) [dcid]
Previous by thread: [ossec-cvs] ossec-hids: Config.Make (HEAD) [dcid]
Next by thread: [ossec-cvs] ossec-hids: mysql.schema (HEAD) [dcid]
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.