new upstream release (3.3.0); modify package compatibility for Stretch

[ossec-hids.git] / etc / rules / mhn_dionaea_rules.xml

diff --git a/etc/rules/mhn_dionaea_rules.xml b/etc/rules/mhn_dionaea_rules.xml
new file mode 100644 (file)
index 0000000..cad0529
--- /dev/null
+++ b/etc/rules/mhn_dionaea_rules.xml
@@ -0,0 +1,13 @@
+<!-- Rules for Modern Honeypot Network - Dionaea, -->
+
+<!-- IDs: 53826 - 53829 -->
+<!-- include /var/log/mhn/mhn-json.log to ossec.conf -->
+
+<group name="mhn,json">
+
+  <rule id="53826" level="8">
+    <decoded_as>dionaea</decoded_as>
+    <description>Connection to Dionaea Honeypot identified</description>
+  </rule>
+
+</group>