Example from the wui (index.php) Latest events
2011 Jun 10 00:00:43 Rule Id: 591 level: 3 Location: (rigel) 10.0.55.7->ossec-logcollector Src IP: ile rotated (inode changed): '/var/log/maillog'. Log file rotated. ** Alert 1307685694.192: - ossec, 2011 Jun 10 00:01:34 arcturus->ossec-logcollector Rule: 591 (level 3) -> 'Log file rotated.' ossec: File rotated (inode changed): '/var/log/maillog'. -Chuck On 6/10/11 12:03 PM, dan (ddp) wrote: > Hi 2secureit, > > On Fri, Jun 10, 2011 at 1:28 PM, 2secureit <[email protected]> wrote: >> As you can see below the Src IP: field is not parsing correctly? Can >> someone point me in the right direction to fix. Thanks--- >> >> >> 2011 Jun 10 13:21:28 Rule Id: 581 level: 8 >> Location: ossec-server->/var/log/nmap-out.log >> Src IP: 2.168.1.126 (), open ports: >> Host information added. >> ** Alert 1307726488.94736: mail - ossec,hostinfo, >> 2011 Jun 10 13:21:28 telos-nessus->/var/log/nmap-out.log >> Rule: 581 (level 8) -> 'Host information added.' >> Host: 192.168.1.127 (), open ports: > > I won't use the wui, which .php file does not appear on?
