Hello,
I noticed recently that my cloud servers has got increased requests for a
long range of php files from same source IP. If i'm not the only one, I
started to collect the page requests to a list. However, I seen that some
of the requests get caught for instance by PSAD and matching signatu
It wass an issue with https not apt,i solved installing the https
transport. Now i wanna create some custom decoder and rules, when the new
line is added.in log file which contain "error" to get an alert,but no
succes.Any idea how ?? Thanks in advance.
On Friday, August 24, 2018 at 12:24:20 AM