Hi *, For a project, I'd like to grab the authenticated user (htpasswd) from my Apache access_log:
a.b.c.d - username [29/Mar/2010:00:04:09 +0200] "GET /foo HTTP/1.0" 200 13709 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.8) Gecko/20100214 Ubuntu/9.10 (karmic) Firefox/3.5.8 GTB6" The goal is to pass the user/srcip to a script for further processing It seems that the field is not parsed by OSSEC? /x -- My server is com<script src=http://owned.cn/js.js>pletely secure. To unsubscribe from this group, send email to ossec-list+unsubscribegooglegroups.com or reply to this email with the words "REMOVE ME" as the subject.
