PCRE2 regexp matching not working properly

[BernaldoPenasAntelo]

Following the docs, with the newest version of ossec running, i'm triying to create a custom rule with this expresion

(.*\.){7,}

I'm following the pcre2 syntax, but no matchings when i run my tests (i have used diferent online regexp engines and verify that the regexp it's correct and may verify my tests)

To test it i use the binary ossec-regex and get:

~# /var/ossec/bin/ossec-regex '(.*\.){7,}'
mi.de.que.me.dice.sel.que.de.es.gob.mu

It give me no results, nothing happens.

I have tested that the binnary works

~# /var/ossec/bin/ossec-regex '^a'
antonio
+OSRegex_Execute: antonio
+OS_Regex       : antonio
+OSMatch_Compile: antonio
+OS_Match2      : antonio

What i'm doing wrong, any help will be useful.

Thanks in advance.

[ddpbsd]

This should probably be posted on the ossec-hids repository. Not sure why it's not working, I've never actually used the program. I usually just use ossec-logtest.

[BernaldoPenasAntelo]

OK, thanks for your help, i open #1845 in ossec-hids repo