Thanks, Jared. I'm using ossec in security onion environment. Labels - great idea as for me. As i can see, labels not implemented in ossec. Thanks, Dan. I've opened an issue.
On Tue, May 8, 2018 at 5:14 AM dan (ddp) <ddp...@gmail.com> wrote: > On Mon, May 7, 2018 at 10:13 PM, dan (ddp) <ddp...@gmail.com> wrote: > > On Mon, May 7, 2018 at 2:57 AM, Александр Канайкин > > <alex.kanay...@gmail.com> wrote: > >> Hi guys! > >> > >> Is there an ability to configure resolving hostname in alert from syslog > >> device (not an agent)? > >> > >> For example can : > >> > >> Received From: ids->10.10.19.1 > >> > >> look like > >> > >> > >> Received From: ids->asa123 > >> > >> > >> or > >> > >> > >> Received From: ids->asa123.example.com > >> > >> > >> Thanks in advance. > >> > > > > There's currently no option for this. > > > > I hit send too soon. You can try opening an issue on > https://github.com/ossec/ossec-hids/issues, and maybe someone would > be interested in coding it up. > > >> > >> > >> -- > >> > >> --- > >> You received this message because you are subscribed to the Google > Groups > >> "ossec-list" group. > >> To unsubscribe from this group and stop receiving emails from it, send > an > >> email to ossec-list+unsubscr...@googlegroups.com. > >> For more options, visit https://groups.google.com/d/optout. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- Best regards, ________________________________ Kanaykin Alexander tel:+380679729888 skype:alex.kanaykin -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.