hello,i have some problem when use ossec
HIDS.it seems can not analyse the iis logs.We use sql injection to the iis web
site,but can not fire alerts.we have tried our best to find the
solution.Can you please tell us
what reasons may lead the
problem,or it is just becuase the rules do not include a rule for iis
logs?
eagerly hear of your reply!thank
you!
yuandonghe
2006-10-25
