Could somebody explain the purpose of the group tags in the ossec rule file, for example what is the relationship between the decoder and group. Why would i wanna say <group name="group1,group2, ... >
I am little confused how the group tag is getting used here thanks in advance -- To unsubscribe, reply using "remove me" as the subject.
