On Tue, 2010-07-13 at 17:12 -0600, Patrick H. wrote:
Sent: Tuesday, July 13, 2010 5:25:13 AM From: Balazs Scheidler <bazsi@balabit.hu> To: syslog-ng@lists.balabit.hu Subject: [syslog-ng] patterndb: collect login/logout samples
Hi,
After getting the generic patterndb policy into shape, I'd like to start collecting log samples, preferably in a domain that is useful for everyone.
My target is at first is login/logout/login failure events. I'd start with a generic Linux installation and try to cover all applications that perform authentication.
I took a look at that pdb format and was lost. I'll probably learn it eventually, but would just make a mess of it if I tried now. But here are a lot of examples that havent been provided yet. All messages were generated from RHEL 5 servers
[snip]
VMware server messages are the exact same for both remote console application and web UI.
Thanks for all the samples that you sent, I've finished marked up all of these, except for the vmware stuff, but I hope to finish that in the coming days. This means that I've almost finished with everything that anyone posted to this list so far. Thanks for everyone. -- Bazsi