Merge tag 'upstream/2.7'
diff --git a/contrib/logtesting/3/res b/contrib/logtesting/3/res
new file mode 100644 (file)
index 0000000..5586f89
--- /dev/null
@@ -0,0 +1,17 @@
+**Phase 1: Completed pre-decoding.
+       full event: 'Nov 11 22:46:29 localhost vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=1.2.3.4'
+       hostname: 'localhost'
+       program_name: 'vsftpd'
+       log: 'pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=1.2.3.4'
+
+**Phase 2: Completed decoding.
+       decoder: 'pam'
+       srcip: '1.2.3.4'
+
+**Phase 3: Completed filtering (rules).
+       Rule id: '5503'
+       Level: '5'
+       Description: 'User login failed.'
+**Alert to be generated.
+
+
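Review bot: The sample event has no `user=` token after `rhost=1.2.3.4`, so this expected output pins only the `srcip` extraction and the match on rule 5503; it does not check whether the target account is decoded for a vsftpd PAM failure. If no sibling case under contrib/logtesting covers that, a second fixture using the same log line with a trailing `user=<constructed-name>` field would close the gap. The expected output also ends in two blank lines, so if the harness compares byte-for-byte, confirm they match what the log tester actually emits.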