Answer the question
In order to leave comments, you need to log in
How to write a rule to detect a specific exe file for HIDS OSSEC?
What should be the syntax in the rule in local_rules.xml in HIDS OSSEC so that when running a specific exe file, OSSEC sends a message about this to OSSIM.
Answer the question
In order to leave comments, you need to log in
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question