Hello, I'm looking to generate a report that shows login/logout times of actual users. I am using AlienVault to generate the report. AlienVault does not provide a solution to exclude particular users, so I am hoping ossec can.
Basically, I have lists of thousands of login/logout events, but the vast majority of them is the system account. I want to exclude all 'usernames' that have a trailing $ dollar sign. The catch: I still want to log the system events, so I can't just completely exclude them. I hope this has made sense. Thanks -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
