Hello All, I was wondering if anyone know if it's possible to grab data from a syscheck decoding or how to go about it? The agent and filename are what I am looking for. I'd like to be able to write an active response that checked a file's contents against a known configuration, perhaps in a Subversion repository.
-Reggie
