Has Anybody has tried using the multi line command in ossec, If yes please let me know the systax used. i have followed the Wiki but could not get the result instead the ossec-hids failed to start. I am using ossec version 2.6. My requirement is to grep 50 lines in the logs after the error is found. currently only i am getting mails of the errors but i have to get the stack trace for that error.
Thanks in advance.
