On Tue, 27 May 2014, Michael Starks wrote:
On 2014-05-26 18:03, Antonio Querubin wrote:
Wondering if anyone has some decoder rules that work with Barracuda
logs. I recently enabled syslogging of a Barracuda Spam/Virus Email
Firewall device to an OSSEC server. The server is now sending alert
level 2 email notifications complaining of an 'unknown' problem for
email that fails the Barracuda's spam/virtus detection tests:
I have one. Seems to work OK. I was waiting to write some rules and do some
QA before I submitted it. Let me know how it works for you:
Thanks - this saves me quite a bit of time. They appear to be
IPv4-centric but I'll update them and see how that goes.
<!-- Barracuda S&VF Email Logs -->
Antonio Querubin
e-mail: [email protected]
xmpp: [email protected]
--
---
You received this message because you are subscribed to the Google Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
