Atomicorp

I think I understand where you might be having trouble. Think of decoders as translators, so even though a log might be going thru a decoder, if it doesnt understand the log message it wont translate it correctly. You need the right decoder for that specific log format, even if its coming from the ...

Mike, your answer didn't make much sense to me, so I made a few more tests. To make sure I had a match in the decoder, I used a well known program (for which there should be an included decoder), Apache. This was the result for IPv6 (I'm not masking the IP addresses this time): 2020/09/16 08:07:06 o...

Hi, my install of OSSEC if having problems decoding IPv6 addresses. I used /var/ossec/bin/ossec-logtest to test one syslog message, and got the following output: root@syslog-server:~# /var/ossec/bin/ossec-logtest 2020/09/11 09:15:46 ossec-testrule: INFO: Reading local decoder file. 2020/09/11 09:15:...