SHARE
TWEET

Untitled

a guest Dec 14th, 2019 83 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. /var/ossec/etc/ossec.conf
  2.   <localfile>
  3.     <log_format>syslog</log_format>
  4.     <location>/home/kippo/kippo/log/kippo.log</location>
  5.   </localfile>
  6.  
  7. /var/ossec/etc/decoder.xml
  8. <decoder name="ossec-kippo">
  9.   <prematch>^20\d\d-\d\d-\d\d \d\d:\d\d:\d\d\.+ [\.+]</prematch>
  10.   <regex>(\.+)</regex>
  11.   <order>extra_data</order>
  12. </decoder>
  13.  
  14. /var/ossec/rules/local_rules.xml
  15.   <rule id="100031" level="15">
  16.     <decoded_as>ossec-kippo</decoded_as>
  17.     <description>Kippo</description>
  18.   </rule>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top