subject:"\[ossec\-list\] Is it possible to trigger an active response on a rule with a severity level of 0\?"

Re: [ossec-list] Is it possible to trigger an active response on a rule with a severity level of 0?

2017-04-17 Thread Jesus Linares

Hi Rob, I'm not sure, but you can increase the level to 1 and: set the attribute noalert : or use the options no_log :

Re: [ossec-list] Is it possible to trigger an active response on a rule with a severity level of 0?

2017-04-13 Thread dan (ddp)

On Wed, Apr 12, 2017 at 1:40 PM, Rob Williams wrote: > Essentially, I want to trigger an active response for a rule that I created > that has a severity level of 0. I created this rule because I did not want > to be alerted on the default rule and only wanted to be

[ossec-list] Is it possible to trigger an active response on a rule with a severity level of 0?

2017-04-12 Thread Rob Williams

Essentially, I want to trigger an active response for a rule that I created that has a severity level of 0. I created this rule because I did not want to be alerted on the default rule and only wanted to be alerted based on the output from my active response. My question is if I have the