X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=contrib%2Flogtesting%2F5%2Fres;fp=contrib%2Flogtesting%2F5%2Fres;h=ae59790d8f67049706073156af1d290864f8476e;hp=5ac88306f96daff25c360cc69db66e09eec942ec;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b

diff --git a/contrib/logtesting/5/res b/contrib/logtesting/5/res
index 5ac8830..ae59790 100644
--- a/contrib/logtesting/5/res
+++ b/contrib/logtesting/5/res
@@ -7,6 +7,9 @@
 **Phase 2: Completed decoding.
        decoder: 'sudo'
        dstuser: 'dcid'
+       url: '/home/dcid'
+       srcuser: 'root'
+       status: '/usr/bin/tail /var/log/snort/alert.fast'
 
 **Phase 3: Completed filtering (rules).
        Rule id: '5403'