Hi Brian, I'm glad to hear that!. I did some chages to extract the port and other fixs. You can see the apache decoders updated here <https://github.com/wazuh/ossec-rules/blob/development/rules-decoders/ossec/decoders/apache_decoders.xml>. Also I sent a pull request <https://github.com/ossec/ossec-hids/pull/746> to ossec-hids.
Regards, Jesus Linares. On Wednesday, February 17, 2016 at 8:17:54 PM UTC+1, webwzrd wrote: > > Jesus, > > You were spot on! Your analyses and solution worked perfectly. Thank you > so much. I had made some additional Ossec rules for ModSecurity and now > they're all working. > > I don't know if you are associated with the development team at github, > but this should be shared because it is likely to be a problem for everyone > using ModSecurity with Apache 2.4. The Apache decoders should be changed > here: https://github.com/ossec/ossec-hids/blob/2_9_b/etc/decoder.xml > > Thank you again, > Brian > > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.