X-Git-Url: http://ftp.carnet.hr/pub/carnet-debian/scm?a=blobdiff_plain;f=etc%2Frules%2Fsyslog_rules.xml;h=a385e43a0ed1a1cac639180f7ff8825d8a57eb98;hb=789cbc8e52da68eba3517b920ef22e000cf3c9fd;hp=b536e438c59be8d6cf43230e51df8c0dcd56b0dd;hpb=301048b51990573e58a30dc4a5bb4ec285cad554;p=ossec-hids.git
diff --git a/etc/rules/syslog_rules.xml b/etc/rules/syslog_rules.xml
index b536e43..a385e43 100755
--- a/etc/rules/syslog_rules.xml
+++ b/etc/rules/syslog_rules.xml
@@ -1,4 +1,4 @@
-
@@ -154,6 +161,26 @@
^Authentication passed
Pop3 Authentication passed.
+
+
+ openldap
+ OpenLDAP group.
+
+
+
+ 2507
+ ACCEPT from
+ OpenLDAP connection open.
+
+
+
+ 2507
+ 2508
+
+ RESULT tag=97 err=49
+ OpenLDAP authentication failed.
+
+
@@ -288,7 +315,7 @@
5100
- ipw2200: Firmware error detected.
+ ipw2200: Firmware error detected.| ACPI Error
Kernel device error.
@@ -403,6 +430,14 @@
alert_by_email
First time (su) is executed by user.
+
+
+ 5300
+ unknown class
+ OpenBSD uses login classes, and an inappropriate login class was used.
+ A user has attempted to su to an unknown class.
+
+
@@ -582,6 +617,38 @@
config_changed,
Yum package deleted.
+
+
+
+ 5100
+ mptscsih
+ Grouping for the mptscrih rules.
+
+
+
+ 5100
+ mptbase
+ Grouping for the mptbase rules.
+
+
+
+ 2935
+ FAILED
+ Posible Disk failure. SCSI controller error.
+
+
+
+ 2936
+ failed
+ SCSI RAID ARRAY ERROR, drive failed.
+
+
+
+ 2936
+ degraded
+ SCSI RAID is now in a degraded status.
+
+