On May 10, 2016 7:38 PM, "'RICARDO STOCCO' via ossec-list" <[email protected]> wrote:
>
> Hello, I have a question
>
> Is it possible to send ossec group/s when I use syslog_output?
>
> For example, in the file alert.log I have this log:
>
> ** Alert 1462920563.18241: - syslog,access_control,authentication_failed,
> 2016 May 10 15:49:23 localhost->/var/log/secure
> Rule: 2501 (level 5) -> 'User authentication failure.'
> May 10 15:49:23 localhost pam: gdm-password: pam_unix(gdm-password:auth): authentication failure; logname= uid=0 euid=0 tty=:0 ruser= rhost= user=user
>
> I want to have information about groups in kibana, for searches:
> "syslog,access_control,authentication_failed"
>
> Is it possible?
>

You'll have to modify the source code.

> Thanks!
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
> For more options, visit https://groups.google.com/d/optout.
