On 05/27/2015 07:19 AM, Xavier Mertens wrote: > Hi Gil, > When I wrote this patch for OSSEC a long time ago (it was later > integrated into the main branch), my goal was not to create > "geolocalized" alerts. IMHO, to add this feature, it requires a lot of > patching because you need to define a new keyword to be used in alerts > like "srcip", "user", "data", etc... > But indeed, it could be a nice feature! Feel free to contribute to the > source code! :-)
I think I saw Daniel Cid contribute something along these lines in his own repo recently. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
