I would like to learn something then. I
sent you a log of mine so it is problematic or a specific problem to me only ?
From:
ossec-list@xxxxxxxxxxxxxxxx [mailto:ossec-list@xxxxxxxxxxxxxxxx] On Behalf Of Meir Michanie
Sent: Tuesday, September 05, 2006
12:14 AM
To: ossec-list@xxxxxxxxxxxxxxxx
Subject: [ossec-list] please give
me some logs
Hi everybody,
I am commited to help ppl with ossec2mysql problems.
I am also interested in developing some tools that will help us cleanup log
files before posting to the list, etc.
Therefore I need different alert log samples. I added two samples at wiki
under:
http://www.ossec.net/wiki/index.php/OSSEC_alerts_log_format
if you log file is different add it to the page.
do not edit the alert in any way but replacing IP and domain names. so we
can use the alert ofr regex and parsing.
TIA.