Project

General

Profile

Feature #266

LML Ruleset to ignore cron jobs

Added by Pierre Chifflier over 16 years ago. Updated almost 15 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Yoann VANDOORSELAERE
Target version:
0.9.11
Start date:
Due date:
% Done:

0%

Resolution:
fixed

Description

When parsing auth.log, tons of alerts are send for cron jobs (producing lots of noise on real events).

This is an example file to show how to ignore how to ignore such events.

cron.rules (345 Bytes) Pierre Chifflier, 10/24/2007 09:33 PM

Associated revisions

Revision 5d557776 (diff)
Added by Pierre Chifflier over 16 years ago

Add new ruleset to ignore cron jobs (Closes #266)

git-svn-id: file:///home/yoann/dev/prelude/git/nok/SVN/prelude-lml/trunk@10090 09c5ec92-17d4-0310-903a-819935f44dba

History

#1 Updated by Pierre Chifflier over 16 years ago

  • Status changed from New to Closed
  • Resolution set to fixed

(In r10090) Add new ruleset to ignore cron jobs (Closes #266)

#2 Updated by Yoann VANDOORSELAERE almost 15 years ago

  • Project changed from PRELUDE SIEM to Prelude-LML
  • Category deleted (4)
  • Target version deleted (0.9.11)

Also available in: Atom PDF