Good morning everybody, > Thanks for the response. Yes, I found the logs yesterday. > I wasn't paying attention when I installed as to were the logs were > being kept, but I have verified that active-response is working.. kind > of funny actually because I locked my self out of my machine while I was > still looking for the logs when I ran a scan against my machine.. :) >
would it be possible to add some info about active response to the alert mails? Something like: blahblah Level 12: very bad things happening. active response triggered: 192.168.1.2 peter --~--~---------~--~----~------------~-------~--~----~ -~----------~----~----~----~------~----~------~--~---
