Can you show us a few lines of these logs? In addition to that, we made a few fixes in the latest snapshot to support the extra pix timestamping. If you can try it:
http://www.ossec.net/files/snapshots/ossec-hids-060820.tar.gz Maybe your problem is fixed already there... Thanks, -- Daniel B. Cid dcid ( at ) ossec.net On 8/28/06, Erick Kinnee <[EMAIL PROTECTED]> wrote:
OSSEC is reading the PIX logs sent to it via syslog, it generates alerts, but all of the alerts say "Unknown problem somewhere in the system." They don't seem to be picking up the descriptions from pix_rules.xml. Why?
