Hi, I didn't mean to think there might be hidden options in OSSEC, but I thought somebody might have had workarounds in or out of the realm of OSSEC that allows me to achieve that, or just to confirm if I had been missing something critical while reading. I have tried CEF output but found the JSON output better suit my needs, so I thought I should just send a quick question and see.
Then looks like I need to think of another route. Thanks. On Thursday, February 5, 2015 at 8:53:44 PM UTC+8, dan (ddpbsd) wrote: > > On Thu, Feb 5, 2015 at 3:40 AM, Bernard Chan <[email protected] > <javascript:>> wrote: > > Hi there, > > > > > http://ossec-docs.readthedocs.org/en/latest/manual/output/syslog-output.html#configuration-options > > > > > Currently we can configure OSSEC to generate alerts to rsyslog in JSON > > format, but it is not CEE compatible (i.e. no @cee: cookie). Is there a > way > > to send alerts to rsyslog in JSON in a way that can be parsed on the > rsyslog > > side? > > > > You linked to the documentation. What about it makes you think we've > hidden options? > > > You may safely assume we are trying the latest releases of rsyslog as > well > > as OSSEC, on Linux. > > > > Thanks. > > > > -- > > > > --- > > You received this message because you are subscribed to the Google > Groups > > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to [email protected] <javascript:>. > > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
