OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
OS: Windows Server 2012 R2
OSSEC agent version: 2.8 (from AlienVault 5.3.5)
The Windows agent doesn't accept globbing (log, .log....) or (s)regex (not recognized) between localfile tags. I would like to "mass" monitor log files with a random string appended at the end, in the same folder, like log_20140908-093823.log, where --093823-- is random in each filename. strftime is not enough in some cases.
Discussed here in ossec-list
Thanks