On Wed, Aug 20, 2014 at 6:56 AM, Wesley Render wren...@otherdata.com
wrote:
Would anyone know if it would be possible to adjust the core rule set
configuration file so that only events that have a total inbound score of 5
or higher are sent to the audit log. (Running in Collaborative
When I set it to the following, I get a lot less logs coming in. I am
confused on how it should be set as well when sending logs to AuditConsole
using mlogc. Here is a summary of relevant settings I have right now
(below). I guess it seems as though the logging settings are not able to
combine
