subject:"\[ossec\-list\] for file name"

Re: [ossec-list] for file name

2016-08-16 Thread Jesus Linares

Hi, It's up to you. I like to use URL for path/filenames. Here the fields: - srcuser: extracts the source username - dstuser: extracts the destination (target) username - user: an alias to dstuser (only one of the two can be used) - srcip: source ip - dstip: dst ip - srcport:

Re: [ossec-list] for file name

2016-08-15 Thread dan (ddp)

On Fri, Aug 12, 2016 at 10:33 AM, Семён С wrote: > Hi. > I write a rule for handling FTP > It should be downloading that file in the log select a field with the file > name. > Exampl: > Src IP: 10.20.0.1 ---> scrip > User: username -> user > etc > What should be

[ossec-list] for file name

2016-08-12 Thread Семён С

Hi. I write a rule for handling FTP It should be downloading that file in the log select a field with the file name. Exampl: Src IP: 10.20.0.1 ---> scrip User: username -> user etc What should be specified in the for file name? -- --- You received this message because you are