[ossec-list] Re: My own rules
- To: ossec-list@xxxxxxxxxxxxxxxx
- Subject: [ossec-list] Re: My own rules
- From: "Daniel Cid" <daniel.cid@xxxxxxxxx>
- Date: Tue, 18 Sep 2007 22:18:43 -0300
Hi Daniel,
Regarding how to write the rules, the following documents can help:
http://www.ossec.net/ossec-docs/auscert-2007-dcid.pdf
http://www.ossec.net/wiki/index.php/Know_How:Ignore_Rules
Thanks,
--
Daniel B. Cid
dcid ( at ) ossec.net
On 9/18/07, Peter M. Abraham <peter.m.abraham@xxxxxxxxx> wrote:
>
> Greetings Daniel:
>
> Custom rules can be placed in /var/ossec/rules/local_rules.xml
>
> Thank you.
>
>
OSSEC project: www.ossec.net.
Mailing list information: http://www.ossec.net/en/mailing_lists.html.