Hello, I'm quite new to OSSEC, and there are two things I can't find out:
How do I increase the frequency of the rule when someone is blocked because of a 400 error (failed to login through htaccess in Apache2). I looked for the rule, but it doesn't show a frequency, is there a default frequency ? Also if an IP is blocked, how can I unblock it through ossec ? Or do I have to do it manually and delete the entries for hosts.deny and iptables ? Thank you !