1 [ossec: active response: add host]
2 log 1 pass = Sat May 7 03:17:27 CDT 2011 /var/ossec/active-response/bin/host-deny.sh add - 172.16.0.1 1304756247.60385 31151
7 [ossec: active response: add firewall]
8 log 2 pass = Sat May 7 03:17:27 CDT 2011 /var/ossec/active-response/bin/firewall-drop.sh add - 172.16.0.1 1304756247.60385 31151
14 [ossec: active response: delete host]
15 log 3 pass = Sat May 7 03:27:57 CDT 2011 /var/ossec/active-response/bin/host-deny.sh delete - 172.16.0.1 1304756247.60385 31151
21 [ossec: active response: delete firewall]
22 log 4 pass = Sat May 7 03:27:57 CDT 2011 /var/ossec/active-response/bin/firewall-drop.sh delete - 172.16.0.1 1304756247.60385 31151
28 [ossec-logcollector: ignore informational messages at startup]
29 log 1 pass = 2015/01/29 21:09:49 ossec-logcollector(1950): INFO: Analyzing file: '/var/log/httpd/error_log'.
33 decoder = ossec-logcollector
36 log 1 pass = ossec: Agent started: 'any'