[ossec-list] alerts.log format

Mike Sievers Fri, 12 Mar 2010 03:53:01 -0800

Hi List!

Is it possible to change the alerts.log format? I would like to
receive an alert in just one line.
Like:


2010 Mar 12 10:18:39 host-sec->syscheck , ** Alert 1268385519.244686:
mail  - ossec,syscheck, Rule: 550 (level 7) -> 'Integrity checksum
changed.', Src IP: (none) ,User: (none), Integrity checksum changed
for: '/sbin/checkproc'

or somethink like this.

Greets,
Mike

[ossec-list] alerts.log format

Reply via email to