Hi, I'm new to ossec and I'm wondering where I should be looking to get information on rule syntax and options. For example, I don't know what the 'ignore' part of '<rule id="5712" level="10" frequency="6" timeframe="120" ignore="60"> <rule id=... ignore="60">' actually does.
I've tried to find it on the website and wiki but I'm can't find anything. Cheers, Tim -- Tim Nicholas
