17 Apr
2014
17 Apr
'14
9:08 a.m.
Hi, On 16 Apr 2014 19:17, David Hauck <davidh@netacquire.com> wrote:
OK, I get the gist of all of the above and so my remaining question is then: "what's the point of the 'program pattern' in the ruleset definitions"?
It enables you to match similar messages with different $PROGRAM names. A good example is pam: the program can be any application using the authentication module e.g. sshd, vsftpd, login, etc. but the message is the same. Cheers