Search found 2 matches
- Mon Dec 09, 2024 10:36 pm
- Forum: Help with other free stuff
- Topic: Atomic Rbl (Local Only Resolver) start to error
- Replies: 1
- Views: 62517
Re: Atomic Rbl (Local Only Resolver) start to error
The error "invalid address" indicates that the RBL configuration files )(like threat1.rbl, threat2.rbl, etc) contain incorrect or improperly formatted entries. Check the contents of these files for invalid IP addresses or incorrect syntax. Each entry should follow the correct format, such ...
- Mon Dec 02, 2024 4:03 am
- Forum: OSSEC
- Topic: Help: Custom Rule, Decoder, Testing Approach
- Replies: 2
- Views: 80581
Re: Help: Custom Rule, Decoder, Testing Approach
You can create a simple custom rule and decoder for monitoring Windows log moto x3m on events. For example, in local_rules.xml, you could add: <group name="windows,"> <rule id="100001" level="5"> <decoded_as>json</decoded_as> <field name="win.system.channel">S...