On Friday, 13 January 2017 10:44:46 UTC-5, Joel wrote:
> Hi all,
> I've been using osssec for a while now and I really like it.
> I'm now trying to integrate ossec with a monitoring application. I'd like
> to have ossec send Alerts to a remote host via syslog.
> I have it all working, with one exception. It looks like ossec forwards
> ALL events as local0.warning.
> is this configurable? is there a way to change it?
> what I'd really love is a way to set an Alert level to a specific facility
> / severity so that the monitoring system can handle different events
> differently without having to do much parsing of the message contents.
> Does anyone have any tips or pointers?
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
For more options, visit https://groups.google.com/d/optout.