I've followed exactly what's been written in the wiki and can't get this thing to work.
http://www.ossec.net/wiki/index.php/PIX_and_IOS_Syslog_Config_examples#Configuring_Cisco_IOS_router Here's an entry from alerts.log ** Alert 1188186690.3711: mail - syslog,errors, 2007 Aug 27 13:51:30 shells->203.x.x.8 Rule: 1002 (level 7) -> 'Unknown problem somewhere in the system.' Src IP: (none) User: (none) 782: %SEC-6-IPACCESSLOGS: list 30 denied 203.20.69.66 1 packet For undenied telnet access, Ossec is still telling me that there's an "'Unknown problem somewhere in the system."????
