[Oisf-users] how can see the word alert and drop in my fast.log???
mouna amani
amani.smiai.insat at gmail.com
Thu Jul 4 13:11:57 UTC 2013
I am using the fast.log
I configured to file type: regular
My rules are all set to alerts
I got lines in my fast.log looking like this :
10/05/10-10:08:59.667372 [**] [1:2009187:4] ET WEB_CLIENT ACTIVEX iDefense
COMRaider ActiveX Control Arbitrary File Deletion [**] [Classification: Web
Application Attack] [Priority: 3] {TCP} xx.xx.232.144:80 -> 192.168.1.4:56068
It is just an example
I want to see the word "alert" in my fast.log
what should I change ??????
--
Amani smiai
More information about the Oisf-users
mailing list