I have OSSEC Server setup in CentOS and working perfectly fine.. now i want to tune the it. As we already have SIEM server. I would like to disable all the logs except the FIM. I have gone through various documents as FIM only alerts up to 3 changes only via email now i would like to alter only the FIM and nothing else. can anyone guide me or provide a link for me to do require setup. also i couldnt find where shall i configure ossec to notify file chages even though it is greater than 3 changes via email.
thanks regards bijesh -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
