On Jul 20, 2011, NA wrote: > Hello, > > With the default and slightly changed default config set up I am getting > spammed by psad with just one scan. I received up to 60 emails before I > deleted the scan from the logs. Is there something I can do to get just > one email notice per incident?
Hi, Yes, if you set the "ALERT_ALL" variable to "N" in the /etc/psad/psad.conf file, then psad will only generate a new email for the same scanning source IP when the IP reaches the next danger level (defined by the DANGER_LEVEL{n} variables). Thanks, --Mike ------------------------------------------------------------------------------ 5 Ways to Improve & Secure Unified Communications Unified Communications promises greater efficiencies for business. UC can improve internal communications as well as offer faster, more efficient ways to interact with customers and streamline customer service. Learn more! http://www.accelacomm.com/jaw/sfnl/114/51426253/ _______________________________________________ psad-discuss mailing list psad-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/psad-discuss