Update: As it turns out enVision is receiving valid syslog alerts
from OSSEC. RSA (enVision vendor) has to write code in order for
enVision to be able to parse the alerts . Even though OSSEC is
sending valid syslog data, we still have to pay RSA for them to be
able to 'decode' it -- (read
Subject: [ossec-list] Re: RFC 3164 Compliant for syslog output
Update: As it turns out enVision is receiving valid syslog alerts
from OSSEC. RSA (enVision vendor) has to write code in order for
enVision to be able to parse the alerts . Even though OSSEC is
sending valid syslog data, we still have
Hi Patrick,
That's a very serious accusation from them ;) As far as I know, we
produce a valid syslog output
according to the RFC. Can they explain what is wrong with it?
Thanks,
--
Daniel B. Cid
dcid ( at ) ossec.net
On Tue, Jun 2, 2009 at 1:52 PM, patrick.swa...@firstdata.com wrote:
RSA