We are getting an error on line 65 of local_rules.xml 2013/11/08 12:37:43 ossec-analysisd(1226): ERROR: Error reading XML file 'rules//local_rules.xml': XML ERR: Element not closed: match (line 65). 2013/11/08 12:37:43 ossec-testrule(1220): ERROR: Error loading the rules: 'local_rules.xml'.
The match element below corresponds with line 65. All of the tags have corresponding closed tags. <rule id="100011" level="11"> <decoded_as>windows</decoded_as> <if_matched_group>syscheck</if_matched_group> <match>D:\randomdir\random.exe</match> <description>Changes to D:\randomdir\random.exe - Investigate if change is Authorized!</description> </rule> I am having a hard time figuring out what the issue is. I can comment out the match line and I will still get the same error. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
