Thanks Moorea!!!! This is what I want to say!!

On Wednesday, December 2, 2015 at 11:00:51 PM UTC+8, Phillipa Moorea wrote:
>
> I think I can translate. Angelina needs to know if she can run a script
> when an alert is generated. She does not want to alert with emails because
> she gets too many emails.
>
> This might not help, but what we do is push our OSSIM alerts to an SEIM
> (Security Event and Incident Management). I am using AlienVault OSSIM, but
> there are many others out there that are probably more lightweight. I
> believe it is from the SEIM that you can chart out the alerts and generate
> emails within SEIM when you get to a certain threshold of alerts or by some
> other measurement of your choice.
>
> I think a main SEIM vendor is Splunk.
>
> Not sure if that helps, hopefully others here can chime in too.
>
> On Wednesday, December 2, 2015 at 4:21:09 AM UTC-6, [email protected]
> wrote:
>>
>> <https://lh3.googleusercontent.com/-4HYWh6In7qo/Vl7CAYVSNWI/AAAAAAAAAAc/B0kdTcflseQ/s1600/20131008233840_eGw2H.thumb.700_0.jpeg>
>> Hello~ everyone, OSSEC has some problems bothering me~~ The OSSEC *data is huge*,
>> my leader let me deal with this data..... artificial...... yeap~~~~ it
>> means I will analyze those data by my eyes!!!!!!!!! Oh my god
>> !!!!!!!!!!!!!!! It's driving me crazy!!!!!! And I think the
>> most crazy person is my leader!!!! There are nearly 170000 data
>> !!!!!!!!!!!! So help ME...........
>> The *function is:* use another way to *alert admin*. At present,
>> OSSEC-agent collates logs and gives them to OSSEC-Server, OSSEC-Server
>> analyzes logs, and uses e-mail to alert admin through rules; the
>> rules have levels. I use e-mail... but the emails are too many, some
>> important messages I usually can not see and deal with the problems.... So I
>> want to ask, can I use another way to alert admin (not e-mail)? Can I
>> choose
>> *different ways of alarm* by the degree of emergency content?
>> Can OSSEC *use scripts???*
>> I am gonna be dead................. help.............. T_T.......
>>
>> My English is not very good, please understand~~~~~~~~~~
>> Thanks for your reply
>>
>> <https://lh3.googleusercontent.com/-4HYWh6In7qo/Vl7CAYVSNWI/AAAAAAAAAAc/B0kdTcflseQ/s1600/20131008233840_eGw2H.thumb.700_0.jpeg>
>> angelina
>
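An added example, not part of the thread and not OSSEC project code: one way to choose a different alert channel by rule level and to hold back low-level noise until it repeats, which is the split the original question asks for. The sample text is constructed in the layout of OSSEC's alerts.log; the channel names ("page", "ticket", "digest") and the thresholds are assumptions.

```python
import re
from collections import Counter

# Constructed sample in the layout of OSSEC's alerts.log (not taken from the thread).
SAMPLE = """\
** Alert 1449050451.1001: mail  - syslog,sshd,authentication_failed,
2015 Dec 02 10:00:51 web01->/var/log/auth.log
Rule: 5716 (level 5) -> 'SSHD authentication failed.'
Src IP: 192.0.2.10

** Alert 1449050460.1002: mail  - syslog,sshd,authentication_failed,
2015 Dec 02 10:01:00 web01->/var/log/auth.log
Rule: 5716 (level 5) -> 'SSHD authentication failed.'
Src IP: 192.0.2.10

** Alert 1449050475.1003: mail  - ossec,rootcheck,
2015 Dec 02 10:01:15 db01->rootcheck
Rule: 510 (level 7) -> 'Host-based anomaly detection event (rootcheck).'

** Alert 1449050490.1004: mail  - syslog,attacks,
2015 Dec 02 10:01:30 web01->/var/log/messages
Rule: 40111 (level 10) -> 'Multiple authentication failures.'
"""

RULE_RE = re.compile(r"^Rule: (\d+) \(level (\d+)\) -> '(.*)'$", re.M)

def parse_alerts(text):
    """Yield (rule_id, level, description) for each alert block."""
    for block in text.split("** Alert ")[1:]:
        m = RULE_RE.search(block)
        if m:
            yield int(m.group(1)), int(m.group(2)), m.group(3)

def route(text, page_level=10, ticket_level=7, digest_threshold=2):
    """Sort alerts into channels by level; collapse low-level repeats into counts."""
    out = {"page": [], "ticket": [], "digest": []}  # hypothetical channel names
    low = Counter()
    for rule_id, level, desc in parse_alerts(text):
        if level >= page_level:
            out["page"].append((rule_id, desc))
        elif level >= ticket_level:
            out["ticket"].append((rule_id, desc))
        else:
            low[(rule_id, desc)] += 1
    # Low-level rules reach the digest only once they repeat enough.
    out["digest"] = [(r, d, n) for (r, d), n in low.items() if n >= digest_threshold]
    return out

if __name__ == "__main__":
    for channel, items in route(SAMPLE).items():
        print(channel, items)
```

Each channel list can then be handed to whatever delivery mechanism the admin prefers instead of e-mail.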
