You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 16, 2021. It is now read-only.
I've been running it in production for about a week with no issues thus far.
Getting logs correctly into Sguil from OSSEC agents and syslog.
If OSSEC only decodes a srcip then the dstip will be set as the IP of the OSSEC
agent. This can be a cosmetic issue for AV type logs where a client reports an
infection but there is no dstip; so you will see the srcip of the client where
the infection was found and the dstip will be the AV server the client reports
to.
Original comment by thefla...@gmail.com on 18 Mar 2015 at 1:57
Original issue reported on code.google.com by
doug.bu...@gmail.com
on 18 Mar 2015 at 1:41The text was updated successfully, but these errors were encountered: