I haven't tried it to make sure it will work, but try:

zcat /var/ossec/logs/alerts/whatever_the_files_are | /var/ossec/bin/ossec-reportd -f level 12 2>&1 | more

I think you would have to run it once for each level, but give it a shot.

dan

On Tue, May 3, 2011 at 12:41 PM, <[email protected]> wrote:
> Hello,
>
> Does anyone know of a quick way to run through all the OSSEC alert log data,
> and extract all alerts over level 12 severity rating, dumping them into a
> file? Thanks!
>
> Tyler Ross
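
Added example (not part of the original thread, and not OSSEC project code): a filter that keeps every alert at or above a minimum level in one pass over the alert log. It assumes the plain-text alert log layout, with blank-line-separated records that each contain a "Rule: <id> (level <n>)" line; the function names, rule IDs and sample alerts are constructed for illustration.

```shell
#!/bin/sh
# filter_alerts MIN_LEVEL
# Reads OSSEC plain-text alerts on stdin and prints only the records whose
# rule level is >= MIN_LEVEL. Assumed record layout: a "** Alert ..." header,
# a "Rule: <id> (level <n>) -> '...'" line, then the log text, then a blank line.
filter_alerts() {
    awk -v min="$1" '
        BEGIN { RS = ""; ORS = "\n\n" }      # paragraph mode: one alert per record
        match($0, /Rule: [0-9]+ \(level [0-9]+\)/) {
            s = substr($0, RSTART, RLENGTH)  # e.g. "Rule: 100002 (level 12)"
            sub(/.*level /, "", s)           # leaves "12)"; +0 below drops the ")"
            if (s + 0 >= min) print
        }
    '
}

# Constructed sample alerts (not real data) covering levels 5, 12, 14 and 3.
sample_alerts() {
    cat <<'EOF'
** Alert 1304440861.1001: - syslog,sample,
2011 May 03 12:41:01 host1->/var/log/auth.log
Rule: 100001 (level 5) -> 'Constructed low-severity sample'
May  3 12:41:00 host1 sshd[2101]: sample log line one

** Alert 1304440862.1302: mail  - syslog,sample,
2011 May 03 12:41:02 host1->/var/log/auth.log
Rule: 100002 (level 12) -> 'Constructed high-severity sample'
May  3 12:41:02 host1 sshd[2102]: sample log line two

** Alert 1304440863.1610: mail  - syslog,sample,
2011 May 03 12:41:03 host2->/var/log/messages
Rule: 100003 (level 14) -> 'Constructed very-high-severity sample'
May  3 12:41:03 host2 kernel: sample log line three

** Alert 1304440864.1905: - syslog,sample,
2011 May 03 12:41:04 host2->/var/log/messages
Rule: 100004 (level 3) -> 'Constructed informational sample'
May  3 12:41:04 host2 cron[2200]: sample log line four
EOF
}

# Demo on the constructed data; on a real system the input would come from
# zcat over the rotated alert files, with the output redirected to a file.
sample_alerts | filter_alerts 12
```

Because each record is printed whole, the output file keeps the header, rule line and original log text for every alert that passes the threshold.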
