Hi,
I don't often write to the group (I'm following it closely) but today, I've
a question...
I'd like to trigger an Active-Response script on the _server_ for _any_
alert (ex with level > 10).
I don't want to deply the script on all agents.
At the moment, here is my active-response config (for only 1 rule):
<active-response>
<command>script</command>
<location>server</location>
<rules_id>31510</rules_id>
</active-response>
It seems that it expect the rule 31510 to happen on the _server_ but it is
happening on agents..
Any idea?
/x
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
