Hi we use ossec-hids 1.3 on FreeBSD and we would like to monitor the logs of BIND. If we use a log_format of 'named' the server cannot even start. If we use a log_format of syslog for the log file of named we get tons of false positives. Is it possible on ossec-hids 1.3 to monitor the logs of named? Which log_format should we use? Thanks a lot
Valerio Daelli
