[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-dev] Re: New named rules


Hi Leonardo,

Thanks for the rule. Can you provide a few log samples with it too? Actually, if
you can add the samples to the wiki would be great!

Daniel

On 7/2/07, Leonardo Goldim <goldim@xxxxxxxxxxxxxxxxxxxx> wrote:


        Daniel

        Here are one more rule to add in ossec:

<rule id="12112" level="8">
   <regex>^zone \S+: expired</regex>
   <description>Zone transfer problems.</description>
</rule>

        Thanks

--
________________________________________
Leonardo Goldim - Auditoria Intranetworks
goldim@xxxxxxxxxxxxxxxxxxxx

Intranetworks
Rua Marquês do Pombal 1710/805
Porto Alegre - RS - 90540-000
+55 51 3325-5700
OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.