[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] fwlog question

To: ossec-list@xxxxxxxxx
Subject: [ossec-list] fwlog question
From: "Quenten Griffith" <qgriffith@xxxxxxxxx>
Date: Sun, 11 Jun 2006 13:33:57 -0400

I have setup OSSEC and it is a great tool. It has already caught a few things for me. I about to enable Active Response as well to help stop the brute force SSH attackes I keep on getting. I have not been able to get OSSEC to alert me on my firewall log however. It is generated with syslog-ng and I added to my local list as a syslog type. So far I have yet to recive one alert on this log. I get a lot of drops during the day because of attempting hacks in my fwlog however OSSEC does not send me anything. What is the alert looking for in firewall logs?

--~--~---------~--~----~------------~-------~--~----~
-~----------~----~----~----~------~----~------~--~---

Follow-Ups:
- [ossec-list] Re: fwlog question
  - From: Daniel Cid

Prev by Date: [ossec-list] Re: feature request: whitelist
Next by Date: [ossec-list] Re: vsftpd rule
Previous by thread: [ossec-list] Re: feature request: whitelist
Next by thread: [ossec-list] Re: fwlog question
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.