Hey Chuck,

  I have not actually tried to decode any Oracle logs.  But have you used 
the ossec-logtest utility?  I have used it to debug several application 
logging issue.  You can pipe entire logs into it to see how ossec handles 
it.  But for me, I start off simple.  Start ossec-logtest, then paste a 
single log entry into it.  It will show you output from each step.  Let me 
know if this helps


On Monday, February 5, 2018 at 4:10:16 PM UTC-5, charle...@decisivedge.com 
> Hello
> Has anyone written a rule and decorder for an oracle DB. I know that OSSEC 
> and inject the logs but it seems that OSSEC does not know how to interpret 
> them. Can any help me with this or even point me to a source. Is there 
> anything that I need to do on the DB side ? 
> Thanks
> Chuck


You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to