subject:"\[ossec\-list\] Re\: Ignore clients logs from the server"

[ossec-list] Re: Ignore clients logs from the server

2007-09-16 Thread Daniel Cid

Hi Chris, The location where the alert came from can be searched using the hostname tag. For example: rule id=110007 level=0 if_sid1003, 31101, 1002/if_sid hostnameerror_log/hostname descriptionWeb log ignore./description /rule Basically, when you look at an alert it has:

[ossec-list] Re: Ignore clients logs from the server

2007-09-14 Thread Peter M. Abraham

Greetings Chris: Are you asking to ignore logs for all clients or just some? If all, then what, may I ask, are you using OSSEC to monitor? Thank you.

[ossec-list] Re: Ignore clients logs from the server

2007-09-14 Thread Chris Russell

Message - From: ossec-list@googlegroups.com ossec-list@googlegroups.com To: ossec-list ossec-list@googlegroups.com Sent: Fri Sep 14 18:09:10 2007 Subject: [ossec-list] Re: Ignore clients logs from the server Greetings Chris: Are you asking to ignore logs for all clients or just some? If all