projects / ossec-hids.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
new upstream release (3.3.0); modify package compatibility for Stretch
[ossec-hids.git] / debian / ossec-hids / usr / share / doc / ossec-hids / contrib / logtesting / 10 / res
diff --git a/debian/ossec-hids/usr/share/doc/ossec-hids/contrib/logtesting/10/res b/debian/ossec-hids/usr/share/doc/ossec-hids/contrib/logtesting/10/res
new file mode 100644 (file)
index 0000000..d8aa869
--- /dev/null
+++ b/debian/ossec-hids/usr/share/doc/ossec-hids/contrib/logtesting/10/res
@@ -0,0 +1,16 @@
+**Phase 1: Completed pre-decoding.
+       full event: 'Feb 15 16:08:14 triumph PAM-securetty[741]: Couldn't open /etc/securetty'
+       hostname: 'triumph'
+       program_name: 'PAM-securetty'
+       log: 'Couldn't open /etc/securetty'
+
+**Phase 2: Completed decoding.
+       No decoder matched.
+
+**Phase 3: Completed filtering (rules).
+       Rule id: '1001'
+       Level: '2'
+       Description: 'File missing. Root access unrestricted.'
+**Alert to be generated.
+
+
ossec-hids