[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] Re: Windows Event Logs in Syslog (Flat text) format?

To: ossec-list@xxxxxxxxxxxxxxxx
Subject: [ossec-list] Re: Windows Event Logs in Syslog (Flat text) format?
From: "Daniel Cid" <daniel.cid@xxxxxxxxx>
Date: Thu, 2 Nov 2006 22:06:24 -0400
Cc: "Jeremy Lee" <jplee3@xxxxxxxxx>
Content-disposition: inline
Content-transfer-encoding: 7bit


Hi Jeremy,

We currently do not have it. Actually, we don't even need to add any
rules, just a
decoder to extract the information we need (user, ids, sources, etc). Do you
have a few log samples to share with us? We can certainly add support for
them without too much work...

Thanks,

--
Daniel B. Cid
dcid ( at ) ossec.net

On 11/1/06, Jeremy Lee <jplee3@xxxxxxxxx> wrote:


Hi all,
  Just curious if there's a rule that exists which
parses for files containing Windows Event Log entries
stored in text format/Syslog (by use of programs such
as NTSyslog) on a Unix server.


Thanks,
Jeremy

Follow-Ups:
- [ossec-list] Re: Windows Event Logs in Syslog (Flat text) format?
  - From: Jeremy Lee

References:
- [ossec-list] Windows Event Logs in Syslog (Flat text) format?
  - From: Jeremy Lee

Prev by Date: [ossec-list] Re: Unable to install
Next by Date: [ossec-list] Re: Filtering Windows logon events - type 3
Previous by thread: [ossec-list] Windows Event Logs in Syslog (Flat text) format?
Next by thread: [ossec-list] Re: Windows Event Logs in Syslog (Flat text) format?
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.