Essentially, I want to trigger an active response for a rule that I created that has a severity level of 0. I created this rule because I did not want to be alerted on the default rule and only wanted to be alerted based on the output from my active response. My question is if I have the severity level of 0, will it just be completely ignored without the active response even triggering? I ask because I'm having trouble setting it up properly and want to rule out if this is the cause. Thank you for your help in advance.
-- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
