I would like to get the FQDN of the nmapped host in the alert report and not just the IP. So I patched my own ossec-logcollector. Here is the diff:
206c206
< p = strchr(q, ' ');
---
> p = strchr(q, ')');
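Review bot: in the changed line `p = strchr(q, ')');` the search is not bounded to the host field, and the diff does not show a NULL check before `p` is written through. The line carries a later `)` as well (the sample alert has `closed (1664)`), so if the host field has no parenthesised name the match lands there and the host string swallows the port data. Suggest checking `p` for NULL and confirming that a `(` occurs between `q` and `p` before accepting the match.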
211d210
< *p = '\0';
212a212
> *p = '\0';
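Review bot: `*p = '\0';` moves from before original line 212 to after it, and the diff does not show line 212, so a reader cannot tell which byte the terminator now overwrites. If that line advances `p` past the `)`, say so in a comment at the new position, and resend as a unified diff (`diff -u`) so the surrounding context is visible.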
217a218
> *p='\t';
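Review bot: the added `*p='\t';` assumes the byte overwritten by `*p = '\0';` was a tab. Saving the original character before terminating and restoring that saved value avoids altering the line when the separator is something else; the spacing should also match the `*p = '\0';` style used in the rest of the patch.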
The new alert in the alert log:
Host: 10.0.0.1 (ossec.somedomain.com) Ports: 22/open/tcp//ssh/// Ignored State: closed (1664), open ports: 22(tcp)
instead of
Host: 10.0.0.1 Ports: 22/open/tcp//ssh/// Ignored State: closed (1664), open ports: 22(tcp)