+++ /dev/null
-**Phase 1: Completed pre-decoding.
- full event: 'Jun 16 09:53:44 niban useradd[5721]: new group: name=test2, gid=12001'
- hostname: 'niban'
- program_name: 'useradd'
- log: 'new group: name=test2, gid=12001'
-
-**Phase 2: Completed decoding.
- No decoder matched.
-
-**Phase 3: Completed filtering (rules).
- Rule id: '5901'
- Level: '8'
- Description: 'New group added to the system'
-**Alert to be generated.
-
-
projects / ossec-hids.git / blobdiff