X-Git-Url: http://ftp.carnet.hr/pub/carnet-debian/scm?a=blobdiff_plain;f=debian%2Fossec-hids%2Fusr%2Fshare%2Fdoc%2Fossec-hids%2Fcontrib%2Fossec-testing%2Ftests%2Fossec.ini;fp=debian%2Fossec-hids%2Fusr%2Fshare%2Fdoc%2Fossec-hids%2Fcontrib%2Fossec-testing%2Ftests%2Fossec.ini;h=20c95c5aabd3104e131c4619f59c4d337b45704f;hb=3f728675941dc69d4e544d3a880a56240a6e394a;hp=0000000000000000000000000000000000000000;hpb=927951d1c1ad45ba9e7325f07d996154a91c911b;p=ossec-hids.git
diff --git a/debian/ossec-hids/usr/share/doc/ossec-hids/contrib/ossec-testing/tests/ossec.ini b/debian/ossec-hids/usr/share/doc/ossec-hids/contrib/ossec-testing/tests/ossec.ini
new file mode 100644
index 0000000..20c95c5
--- /dev/null
+++ b/debian/ossec-hids/usr/share/doc/ossec-hids/contrib/ossec-testing/tests/ossec.ini
@@ -0,0 +1,41 @@
+[ossec: active response: add host]
+log 1 pass = Sat May 7 03:17:27 CDT 2011 /var/ossec/active-response/bin/host-deny.sh add - 172.16.0.1 1304756247.60385 31151
+rule = 603
+alert = 3
+decoder = ar_log
+
+[ossec: active response: add firewall]
+log 2 pass = Sat May 7 03:17:27 CDT 2011 /var/ossec/active-response/bin/firewall-drop.sh add - 172.16.0.1 1304756247.60385 31151
+rule = 601
+alert = 3
+decoder = ar_log
+
+
+[ossec: active response: delete host]
+log 3 pass = Sat May 7 03:27:57 CDT 2011 /var/ossec/active-response/bin/host-deny.sh delete - 172.16.0.1 1304756247.60385 31151
+rule = 604
+alert = 3
+decoder = ar_log
+
+
+[ossec: active response: delete firewall]
+log 4 pass = Sat May 7 03:27:57 CDT 2011 /var/ossec/active-response/bin/firewall-drop.sh delete - 172.16.0.1 1304756247.60385 31151
+
+rule = 602
+alert = 3
+decoder = ar_log
+
+[ossec-logcollector: ignore informational messages at startup]
+log 1 pass = 2015/01/29 21:09:49 ossec-logcollector(1950): INFO: Analyzing file: '/var/log/httpd/error_log'.
+
+rule = 701
+alert = 0
+decoder = ossec-logcollector
+
+[agent started]
+log 1 pass = ossec: Agent started: 'any'
+
+rule = 501
+alert = 3
+decoder = ossec
+