On 03/09/2014 12:50 AM, Nick Turley wrote:
> This is awesome. Thanks for posting. I recently updated our OSSEC
> environment to utilize ElasticSearch/Logstash/Kibana. Everything has
> been working great, but the one annoyance has been multi-line messages
> being lost. I've considered switching over to monitoring alerts.log
> directly, but haven't had time. I'll have to try out your config. :)
>
> Nick

Joshua's work is very nice. Also, don't forget that alerts.log can be
set to write in a non-multiline way:
http://ossec-docs.readthedocs.org/en/latest/syntax/head_ossec_config.global.html