On 04/03/2011 02:46 PM, Kat wrote:
So all I want to do is have OSSEC send the data, ignore it for alerts, but dump it into the database. I know about "log all" but was wondering the best way to have OSSEC ignore the data completely?
This should do the job: http://www.immutablesecurity.com/index.php/2010/01/29/using-ossec-for-encrypted-log-transport/
