Hi all, I have a log:
May 21 10:24:54 niban useradd[6070]: new group: name=test, gid=5006 > May 28 10:48:29 niban useradd[32421]: new group: name=logr, gid=12000 > And my decoder: > <decoder name="niban"> > <prematch>^\w+ \d+ \d\d:\d\d:\d\d \w+ niban</prematch> > </decoder> I use ossec-logtest debug, my result: No decoder match. What did I do wrong? Thanks in advance ThucPK -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
