[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-dev] Re: New named rules


	Hi Daniel,

	Here some samples with the message:
Jul 4 10:31:39 internet-gw named[7136]: zone metalurgicakoch.com.br/IN/external: expired Jul 4 10:31:39 internet-gw named[7136]: zone optosolution.com.br/IN/external: expired 

	Where can i add on the wiki?

	Thanks
--
________________________________________
Leonardo Goldim - Auditoria Intranetworks
goldim@xxxxxxxxxxxxxxxxxxxx


Daniel Cid escreveu:


Hi Leonardo,
Thanks for the rule. Can you provide a few log samples with it too? Actually, if 
you can add the samples to the wiki would be great!

Daniel

On 7/2/07, Leonardo Goldim <goldim@xxxxxxxxxxxxxxxxxxxx> wrote:


        Daniel

        Here are one more rule to add in ossec:

<rule id="12112" level="8">
   <regex>^zone \S+: expired</regex>
   <description>Zone transfer problems.</description>
</rule>

        Thanks

--
________________________________________
Leonardo Goldim - Auditoria Intranetworks
goldim@xxxxxxxxxxxxxxxxxxxx

Intranetworks
Rua Marquês do Pombal 1710/805
Porto Alegre - RS - 90540-000
+55 51 3325-5700
OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.