[ossec-list] Re: Help with decoder

srcip: '2.2.2.2' >status: 'VPN_XPTO' > > > **Phase 3: Completed filtering (rules). >Rule id: '81603' >Level: '0' >Description: 'Fortigate messages grouped.' > > > I hope it helps. > Regards. &

[ossec-list] Re: Help with decoder

msg="(\.+)" action=(\.*) remip=(\S+) locip=(\S+) \.*vpntunnel="(\.*)" extra_data,action,dstip,srcip,status Em domingo, 28 de maio de 2017 11:38:16 UTC-3, RWagner escreveu: > > > <https://lh3.googleusercontent.com/-n47to6eHiT8/WSrf3ePZq2I/AAM/oDmoGiNx

[ossec-list] Help with decoder

Hi Guys! I'm making a decoder for problems with vpn phase_2 for the fortigate. Sample log: date=2017-05-20 time=07:31:20 devname=Fw1-sa-dc2d-g56 devid

[ossec-list] Compress elasticsearc indexes

Hi Guys! My elasticsearch indexes are filling the disk. I would like to compress these indexes. Is it possible to compress these indexes in a way that I can restore when needed? Would anyone help me? -- --- You received this message because you are subscribed to the Google Groups "ossec-li