[syslog-ng] parsing what gets into syslog from windows machines.

Fekete Robert frobert at balabit.hu
Thu Feb 2 08:26:13 CET 2012


Hi,

Peter Czanik published some Windows patterns last year. They are not good 
for the Snare format, but you might be able to tweak them to work for you, or at 
least to get some ideas about patterndb.

http://czanik.blogs.balabit.com/2011/07/patterns-for-windows-server-2008/

Regards,

Robert

On 02/02/2012 12:42 AM, greg whynott wrote:

>
>
> On Wed, Feb 1, 2012 at 5:51 PM, Martin Holste <mcholste at gmail.com> wrote:
>
>     Patterndb is probably your best bet
>
>
> Thanks Martin, I'll take a look at that tomorrow. Looks like what we are after.
>
> take care,
> greg
