Hi list,

I’m new to OSSEC. I installed it on a Solaris 10 server with several Sun clients and some Windows also. I have a simple question and I did not find it in the documentation.

It pertains to ossec.conf and the log format. What are the formats that are accepted by OSSEC? Example below. Can syslog be replaced by sudo?
<localfile>
<log_format>syslog</log_format>
<location>/var/adm/messages</location>
</localfile>
<localfile>
<log_format>Sudo</log_format>
<location>/var/adm/sudo.log</location>
</localfile>
<localfile>
Thank you for any help
Dan