Hi John, Currently this is not possible, but you can open a feature request at:
http://www.ossec.net/bugs/ And we will take a look into implementing it. Thanks, -- Daniel B. Cid dcid ( at ) ossec.net On Dec 31, 2007 5:48 AM, Verlag Neue Stadt <[EMAIL PROTECTED]> wrote: > > Hello, > > we would appreciate to have OSSEC terminated unauthorized windows > applications* > (immediately of after a definable period of time). > > > > Thank's a lot for your feedback! > > John > > > > PS > E.G all applications which are not on the "White-List" >