Hi, Peter Czanik has published some windows patterns last year. They are not good for the snare format, but you might be able to tweak them to work for you, or at least to get some ideas about patterndb. http://czanik.blogs.balabit.com/2011/07/patterns-for-windows-server-2008/ Regards, Robert On 02/02/2012 12:42 AM, greg whynott wrote:
On Wed, Feb 1, 2012 at 5:51 PM, Martin Holste <mcholste@gmail.com <mailto:mcholste@gmail.com>> wrote:
Patterndb is probably your best bet
Thanks Martin, I'll take a look at that tomorrow. Looks like what we are after.
take care, greg
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq