I didn't like how messages were handled and since they were explicitly dedicated to Security issues, found it had limited use for my needs.
So I rewrote the SNARE parsing that way : # SNARE windows msg r"MSWinEventLog\s+\S+\s+(?P<component>\S+)\s+\S+\s+\w\w\w\s\w\w\w\s\d\d\s\d\d:\d\d:\d\d\s\d\d\d\d\s+(?P<ntevid>\d+)\s(?P<summary>.*)", -------------------- m2f -------------------- Read this topic online here: http://forums.zenoss.com/viewtopic.php?p=26618#26618 -------------------- m2f -------------------- _______________________________________________ zenoss-users mailing list [email protected] http://lists.zenoss.org/mailman/listinfo/zenoss-users
