Here is an interesting situation -- One OSSEC Manager with say 1000 agents.
200 of those agents are located in a private DMZ, the remaining 800 behind that zone. I created a CDB of the 200 hosts, and was wondering, could there be a way to apply some txt to a group of rules -- for example <group>access_denied,</group> - so that anything from that particular group - IF it also showed up in the CDB could add something like (Rule triggered in DMZ) or something like that? Any ideas?? ~J -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
