On Fri, Jan 13, 2017 at 11:40 AM, Joel <jbro...@oddelement.com> wrote: > Thanks Dan >
Sorry I didn't have better news. If you want to open an issue on the github (https://github.com/ossec/ossec-hids), we can keep it in mind when we find time to work on features. I think having more options might be useful (and the defaults can always be re-evaluated). > > On Friday, 13 January 2017 10:44:46 UTC-5, Joel wrote: >> >> Hi all, >> >> I've been using osssec for a while now and I really like it. >> >> I'm now trying to integrate ossec with a monitoring application. I'd like >> to have ossec send Alerts to a remote host via syslog. >> >> I have it all working, with one exception. It looks like ossec forwards >> ALL events as local0.warning. >> >> is this configurable? is there a way to change it? >> >> what I'd really love is a way to set an Alert level to a specific facility >> / severity so that the monitoring system can handle different events >> differently without having to do much parsing of the message contents. >> >> Does anyone have any tips or pointers? >> >> thanks! >> >> J > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.