Hello, I just wanted to inquire if anyone has been able to create separate filtered reports for file integrity?
I noticed all FIM alerts are "syscheck" group tag and I can create sub-rules with new group tags but I cant find a way to do an "all except" report with ossec-reportd. So I have group tags for groups of servers. Syscheck --app1 --app2 --app3 I can run reports on app1,2,3 but I cant say give me everything else in sysycheck thats not in app1,2,3. Anyone have a suggestion to accomplish this? Thank you for your help. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
