X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=inline;f=etc%2Frules%2Fossec_rules.xml;fp=etc%2Frules%2Fossec_rules.xml;h=7de90f58a88d0c83b96fde64a3f545fb1388aeca;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=2abebdb0d08fef606a33ca821c3d40c22748f285;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b;p=ossec-hids.git
diff --git a/etc/rules/ossec_rules.xml b/etc/rules/ossec_rules.xml
old mode 100755
new mode 100644
index 2abebdb..7de90f5
--- a/etc/rules/ossec_rules.xml
+++ b/etc/rules/ossec_rules.xml
@@ -134,7 +134,7 @@
530
- ossec: output: 'df -h': /dev/
+ ossec: output: 'df -P': /dev/
100%
Partition usage reached 100% (disk space monitor).
low_diskspace,
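Review bot: The match on `ossec: output: 'df -P': /dev/` depends on the literal command string that logcollector is configured to run, so an agent whose configuration still runs `df -h` would stop producing the 100% disk-usage alert without any error. The agent configuration is not part of this diff, so confirm that the command entry was switched to `df -P` in the same change and that existing agents pick it up. A comment above the rule such as `<!-- must match the df command in the localfile entry of ossec.conf -->` would make the coupling visible. The XML markup is stripped on this page and the rule continues outside the hunk.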
@@ -197,7 +197,7 @@
syscheck,
-
+
ossec
syscheck_new_entry
File added to the system.
@@ -293,7 +293,7 @@ Example:
Sat May 7 03:27:57 CDT 2011 /var/ossec/active-response/bin/firewall-drop.sh delete - 172.16.0.1 1304756247.60385 31151
-->
-
+
ar_log
Active Response Messages Grouped
active_response,
@@ -347,4 +347,16 @@ Sat May 7 03:27:57 CDT 2011 /var/ossec/active-response/bin/firewall-drop.sh del
active_response,
+
+ ossec
+ ossec-logcollector
+ Logcollector Messages Grouped
+
+
+
+ 700
+ INFO:
+ Ignore informational messages (usually at startup)
+
+
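Review bot: The new child rule suppresses any logcollector event that contains `INFO:`, and as far as the stripped markup shows the pattern is not anchored. A warning or error line that merely quotes that text, for example inside a monitored file name or an echoed log line, would therefore be silenced too. If the decoder leaves the severity tag at the start of the message, anchoring the pattern, e.g. `^INFO:`, limits the suppression to genuine informational lines. The element names and levels are not visible on this page, so the rule's level and its parent id `700` should be checked against the file.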