Hi, I'd like to learn to take advantage of the reporting from OSSEC. I have tried one, but only get an e-mail with a subject, nothing in the body.
> <reports> > <rule>18152</rule> > <user type="relation">srcip</user> > <title>Daily report: Failed Logins</title> > <email_to>*my e-mail address*</email_to> > </reports> What I'd like to get is a summary of alerts fired for rule 18152. Does anyone have examples they are willing to share of any types of reports you have sent to you? Thanks!
