On 06/23/2011 08:59 PM, Jeremy Lee wrote:
Thanks Michael,
I have FIM on so I'll have to get that set for alerting. However, I
realized we have Snoopy installed on this box, so I'm basically just
pointing OSSEC to watch the Snoopy log locally. I already created a
decoder for Snoopy and just had to create some rules to filter based on
certain matches.
I'm glad you mentioned this. I was just looking at Snoopy and planned on
adding support. :) Care to share what you have developed so we can add
it to OSSEC?
