On 05/17/2011 01:59 PM, Jason Frisvold wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On May 12, 2011, at 5:41 AM, treydock wrote:
I had to accomplish this a few days ago. See my post here,
http://itscblog.tamu.edu/ossec-email-alerts-on-active-responses/ . I
have the exact decoder and rules I used to receive emails upon active-
response execution.
Thanks for the shout out in the post.. I wasn't the originator of that code,
but I believe I had cleaned it up some.. Regardless, good writeup on the whole
process.
I have added this (with some modifications) to my fork and am about to
commit it for consideration into release. Trey and Jason, do I have your
permission? I will list the contributors as "Jason Frisvold," "Trey
Dock," and myself. Jason, you mentioned that there was an original
author. Do you know who that is?
