For the alerts that should include a dstip, is the srcip field being populated instead?
On Tue, Aug 2, 2011 at 1:04 PM, ash kumar <[email protected]> wrote: > I set up logging to mysql for version 2.6. I created the schema using the > mysql.schema file included in the src/ directory of the distribution. > All fields barring the dstip field are being populated. I am not sure where > to start troubleshooting the issue. No ossec-dbd errors are logged in > /var/ossec/logs/ossec.log > Any assistance would be appreciated. > Ash Kumar
