[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-list] Chatty PIX rules

To: ossec-list@xxxxxxxxxxxxxxxx
Subject: [ossec-list] Chatty PIX rules
From: Erick Kinnee <ekinnee@xxxxxxxxxxxx>
Date: Thu, 7 Sep 2006 09:19:15 -0500
Content-transfer-encoding: 7bit

Have we come up with a workable way to suppress or threshold downalerts for certain devices? I have several PIXes sending syslogs tothe OSSEC box and I'm being flooded with alerts. There were 139 ofthem last night for one PIX as it was doing what it's supposed to anddropping traffic based on ACLs. Maybe I need to turn something downon the PIX? I do have it configured with "logging trap debugging".

Follow-Ups:
- [ossec-list] Configuring OSSEC for PIX
  - From: Marty E. Hillman
- [ossec-list] Re: Chatty PIX rules
  - From: Daniel Cid

Prev by Date: [ossec-list] SQL Injection Detection
Next by Date: [ossec-list] Configuring OSSEC for PIX
Previous by thread: [ossec-list] Re: SQL Injection Detection
Next by thread: [ossec-list] Configuring OSSEC for PIX
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.