Hi Teo En Ming
On the machine which generates mod_security audit logs,I set the ossec.conf
like this
<localfile>
<log_format>syslog</log_format>
<location>/usr/local/apache2.2.6/logs/modsec_audit.log</location>
</localfile>
and it works.
You may refer to the <http://www.ossec.net/main/manual/>
http://www.ossec.net/main/manual/ [ Table 3.6: Localfile options ] and take
a look at the Description.
Best wishes.
Xu Feng
Yuanjie Networks,Shanghai,China
MSN: [EMAIL PROTECTED]
On Wednesday, January 24, 2008
_____
From: [email protected] [mailto:[EMAIL PROTECTED] On
Behalf Of Teo En Ming
Sent: 2008年1月23日 12:32
To: [EMAIL PROTECTED]
Cc: Teo En Ming
Subject: [ossec-list] OSSEC support for Mod_Security Audit Logs
Hi List,
May I know if OSSEC supports mod_security audit logs? What parameter should
I use in <log_format> ??? </log_format>?
Thank you.
Regards,
Teo En Ming
