Thanks Dan

On Friday, 13 January 2017 10:44:46 UTC-5, Joel wrote:
>
> Hi all,
>
> I've been using osssec for a while now and I really like it.
>
> I'm now trying to integrate ossec with a monitoring application.  I'd like 
> to have ossec send Alerts to a remote host via syslog.
>
> I have it all working, with one exception.  It looks like ossec forwards 
> ALL events as local0.warning.
>
> is this configurable?  is there a way to change it?
>
> what I'd really love is a way to set an Alert level to a specific facility 
> / severity so that the monitoring system can handle different events 
> differently without having to do much parsing of the message contents.
>
> Does anyone have any tips or pointers?
>
> thanks!
>
> J
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to