Hello Dan, below is the link i was referring to http://www.ossec.net/doc/manual/monitoring/index.html I am using to gather java stack trace from the app server logs. Below is the syntax i have used but did not work.
<localfile> <log_format>multi-line:50</log_format> <location>/var/log/resin/jvm-app-0.log</location> </localfile> In case you have anyother reference links please guide me. Thank you. On Wed, Dec 12, 2012 at 4:27 PM, dan (ddp) <[email protected]> wrote: > > On Dec 12, 2012 5:49 AM, "Sendil" <[email protected]> wrote: >> >> >> Has Anybody has tried using the multi line command in ossec, If yes please >> let me know the systax used. i have followed the Wiki but could not get the >> result instead the ossec-hids failed to start. I am using ossec version 2.6. >> My requirement is to grep 50 lines in the logs after the error is found. >> currently only i am getting mails of the errors but i have to get the stack >> trace for that error. >> >> Thanks in advance. > > I don't think there is a wiki, what examples were you using? > > What have you tried? Commands are generally pretty easy, I've contributed a > few examples to the list in the past.
