So I found a file called *msauth_rules.xml* on my *Ossec Server*, which has many rules in there regarding windows logins. The log level is set to 0 on the rules I want enabled. What does each log level represent? I've browsed the Ossec online manual and I'm not seeing a list of log level definitions. Can someone please provide a list?
Can someone also please confirm that to accomplish my goal I just need to edit each rule level that I want to flag, and that the files I'm editing live on the Ossec server, not the agents (clients)? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
