if i have a centralized log server, and have ossec read those logs, can i have the ossec server apply the ip firewall block to all the servers contributing to the central log server?
example. contributing servers: server01 server02 server03 server04 central log server: logserver01 ossec server: ossecserver01 say ip address 37.24.199.45 just got flagged for multiple failed SSH attempts on server01. can i have ossec read that failure on the central log server and apply the iptables block on all the contributing servers? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
