On Thu, Jan 22, 2015 at 4:19 AM, Janis Zoldners <[email protected]> wrote: > Hello, > > I don't know how to filter out unneeded alerts, if alert contains 'Account > Name: SM_randomstring', for example, SM_f9295f8bdec14ffe9 > Tried: > <regex>Account Name:\s+SM+\.+\w</regex> >
<regex>Account Name:\s+SM_\S+</regex> Maybe? > How to filter out such alerts? > Thank you! > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
