X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=contrib%2Flogtesting%2F31%2Fres;fp=contrib%2Flogtesting%2F31%2Fres;h=9ad2d73ab06c6c664f94272e67a6ae34232abf15;hp=597abeae8b17f41679c584c76b391923a3e1352f;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b

diff --git a/contrib/logtesting/31/res b/contrib/logtesting/31/res
index 597abea..9ad2d73 100644
--- a/contrib/logtesting/31/res
+++ b/contrib/logtesting/31/res
@@ -6,6 +6,10 @@
 
 **Phase 2: Completed decoding.
        decoder: 'sudo'
+       dstuser: 'dcid'
+       url: '/var/www/htdocs'
+       srcuser: 'root'
+       status: '/usr/bin/tail /var/log/secure'
 
 **Phase 3: Completed filtering (rules).
        Rule id: '5403'