The rules we have right now are generating way too much traffic. My boss has asked that we rem or comment out the rules so we just have the syscheck running.
**I am no Linux guru** I went into and made <!-- and finished with --> in each rule line. EXAMPLE - <!-- <include>ms-exchange_rules.xml</include> --> When I restart the ossec-control then run the start I get: OSSEC analysisd: Testing rules failed. Configuration error. Exiting. Thoughts? Thanks!!! -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
