[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ossec-list] Re: AIX 5.3 sshd logins and sudo
- To: ossec-list@xxxxxxxxxxxxxxxx
- Subject: [ossec-list] Re: AIX 5.3 sshd logins and sudo
- From: "Nerijus Krukauskas" <nkrukauskas@xxxxxxxxx>
- Date: Tue, 23 Oct 2007 10:30:19 +0300
- Authentication-results: mx.google.com; spf=pass (google.com: domain of nkrukauskas@xxxxxxxxx designates 64.233.184.234 as permitted sender) smtp.mail=nkrukauskas@xxxxxxxxx; dkim=pass (test mode) header.i=@xxxxxxxxx
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=ll4Q0zUbcknyuOdOYxe4uMeCzI6Z0Yv/BJUXxrWTK8w=; b=B5LsCFNFA8xlXBvMdJt2ynKNuWq1Blk5JliZaKaw6thFdlLUHFQ+ptaPnPtwaSyYgRxBwjs9MyXQESed9UrJ+d9viSZr3JrGrzlmGnruZZNizqKIGqjOBsJq49lfMUVIf0YeHbdUkdrhTeIJRuFcyiGInMqmYRZXkA2dslsz6uA=
Hi,
On 12/10/2007, Daniel Cid <daniel.cid@xxxxxxxxx> wrote:
> I made some changes to the pre-decoders within ossec to support the
> syslog format
> from AIX. If you can try it out from:
>
> http://www.ossec.net/files/snapshots/ossec-hids-071011.tar.gz
>
> It should parse properly all these messages.
I took http://www.ossec.net/files/snapshots/ossec-hids-071018.tar.gz.
It still has the same hassles with pthread.h includes.
How do I check that it parses ssh messages correctly?
--
http://nk99.org/
OSSEC home |
Main Index |
Thread Index
OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.