projects / ossec-hids.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Imported Upstream version 2.7
[ossec-hids.git] / contrib / logtesting / 37 / res
diff --git a/contrib/logtesting/37/res b/contrib/logtesting/37/res
new file mode 100644 (file)
index 0000000..61c466e
--- /dev/null
+++ b/contrib/logtesting/37/res
@@ -0,0 +1,17 @@
+**Phase 1: Completed pre-decoding.
+       full event: 'Apr 17 22:20:29 hostj named[312]: [ID 295310 daemon.notice] security: notice: dropping source port zero packet from [64.211.251.254].0'
+       hostname: 'hostj'
+       program_name: 'named'
+       log: 'security: notice: dropping source port zero packet from [64.211.251.254].0'
+
+**Phase 2: Completed decoding.
+       decoder: 'named'
+       srcip: '64.211.251.254'
+
+**Phase 3: Completed filtering (rules).
+       Rule id: '12101'
+       Level: '12'
+       Description: 'Invalid DNS packet. Possibility of attack.'
+**Alert to be generated.
+
+
ossec-hids