Hi, i'm trying to write my first rules, by extending the existing postfix rules.
here's what i'm trying to test: <rule id="3307" level="6"> <if_sid>3300</if_sid> <match>RBL lookup error:</match> <description>Host or domain name not found. Name service error </description> <group>spam,</group> </rule> along with the log entry that i'm trying to test warning: 199.249.24.179.list.dsbl.org: RBL lookup error: Host or domain name not found. Name service error for name=199.249.24.179.list.dsbl.org type=A: Host not found, try again the rule is not firing, instead ossec-logtest is marking it as a "Level 2" alert "Unknown problem somewhere in the system." what am I doing wrong here? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
