I've seen the possibility mentioned in this forum a couple of times regarding adding the ability to check an MD5sum CDB list with rules. Right now, I'm in a situation where I could use that ability. However, I can't see anywhere that describes how to use it. Was that ever implemented? Frankly, I'm interested enough in this feature that I'd do it myself if I could, but I don't know C/C++, and only do scripting in Python.
I'm trying to monitor a web folder for changes, but of course I don't want to be alerted on every file when a releases is done (they can be done at any time of day too). I can get md5 sums of each of the files prior to the release to whitelist them for ossec, but I can't seem to figure out how to tell ossec to use that database. Any help would be appreciated. Thanks. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.