projects / ossec-hids.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
obrisane nepotrebne datoteke od zadnjeg builda
[ossec-hids.git] / debian / ossec-hids / usr / share / doc / ossec-hids / contrib / ossec-testing / tests / su.ini
diff --git a/debian/ossec-hids/usr/share/doc/ossec-hids/contrib/ossec-testing/tests/su.ini b/debian/ossec-hids/usr/share/doc/ossec-hids/contrib/ossec-testing/tests/su.ini
deleted file mode 100644 (file)
index 023106b..0000000
--- a/debian/ossec-hids/usr/share/doc/ossec-hids/contrib/ossec-testing/tests/su.ini
+++ /dev/null
@@ -1,27 +0,0 @@
-[su: failed ]
-log 1 pass = Apr 27 15:22:23 niban su[2921936]: failed: ttyq4 changing from ldap to root
-log 2 pass = Jun 20 17:19:59 dactyl su: FAILED SU (to root) mmoorcro on pts/0
-rule = 5302
-alert = 9
-decoder = su
-
-[su: bad pass]
-log 1 pass = Apr 27 15:22:23 niban su[234]: BAD SU ger to fwmaster on /dev/ttyp0
-rule = 5301
-alert = 5
-decoder = su
-
-[su: pam - auth fail]
-log 1 fail = Apr 27 15:22:23 niban su(pam_unix)[23164]: authentication failure; logname= uid=1342 euid=0 tty= ruser=dcid rhost=  user=osaudit
-log 2 fail = Apr 27 15:22:23 niban su(pam_unix)[2298]: authentication failure; logname= uid=1342 euid=0 tty= ruser=dcid rhost=  user=root
-rule = 5503
-alert = 5
-decoder = su
-
-
-[su: work fts]
-log 1 pass = Apr 22 17:51:51 enigma su: dcid to root on /dev/ttyp1
-rule = 5305
-alert = 4
-decoder = su
-
ossec-hids