X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;ds=sidebyside;f=etc%2Frules%2Flog-entries%2F1401;fp=etc%2Frules%2Flog-entries%2F1401;h=d8f33edb4d0c4236afae9c48ab12874b8f1da5b9;hb=ff0e686ac67bbd82b60c277eb324910dbc60f65f;hp=0000000000000000000000000000000000000000;hpb=33a81e69474ae91ecec4e991debe59e26bb330fd;p=ossec-hids.git

diff --git a/etc/rules/log-entries/1401 b/etc/rules/log-entries/1401
new file mode 100755
index 0000000..d8f33ed
--- /dev/null
+++ b/etc/rules/log-entries/1401
@@ -0,0 +1,6 @@
+#Red Hat box
+Feb  1 14:39:16 nogan sudo:    test2 : 3 incorrect password attempts ; TTY=pts/4 ; PWD=/home/test2 ; USER=root ; COMMAND=/bin/ls
+#OpenBSD
+Jan 28 20:36:33 enigma sudo:     dcid : 3 incorrect password attempts ; TTY=ttyp0 ; PWD=/home/dcid ; USER=root ; COMMAND=/bin/ls
+May 26 19:40:25 enigma sudo:     dcid : 3 incorrect password attempts ; TTY=ttyp0 ; PWD=/var/www/htdocs ; USER=root ; COMMAND=/bin/ls
+