Hello all, what should I do if I want OSSEC to send email notifications on severity err and higher of messages, read from a syslog <localfile>? Syslog events from several servers are written to that file.
It seams there is no simple way of doing that, because message severity is not saved to a syslog file. Thank you, IgnasR p.s. sorry for a double post. My previous post can be deleted.
