Professional Documents
Culture Documents
net/main/manual/manual-reporting-tool/
Home
About
Documentation
Downloads
Support
Our Team
2-Show all IP addresses/users that logged in during the day and related srcips
locations for each user
1 of 6 23/04/2009 11:53 AM
Manual: Reporting tool http://www.ossec.net/main/manual/manual-reporting-tool/
2 of 6 23/04/2009 11:53 AM
Manual: Reporting tool http://www.ossec.net/main/manual/manual-reporting-tool/
3 of 6 23/04/2009 11:53 AM
Manual: Reporting tool http://www.ossec.net/main/manual/manual-reporting-tool/
authentication_success |1321 |
sshd |953 |
errors |378 |
system_error |318 |
authentication_failed |161 |
invalid_login |120 |
vmware |117 |
recon |42 |
authentication_failures |32 |
win_authentication_failed |25 |
account_changed |24 |
stats |17 |
time_changed |17 |
service_availability |16 |
accesslog |10 |
web |10 |
su |9 |
access_control |8 |
access_denied |8 |
rootcheck |5 |
attacks |4 |
policy_changed |4 |
low_diskspace |3 |
sudo |3 |
logs_cleared |2 |
postgresql_log |1 |
system_shutdown |1 |
4 of 6 23/04/2009 11:53 AM
Manual: Reporting tool http://www.ossec.net/main/manual/manual-reporting-tool/
(vmesx51) any->syscheck |2 |
(esqueleto2) 192.168.2.99->/var/log/postgres.. |1 |
(esqueleto2) 192.168.2.99->ossec |1 |
(esqueleto2) 192.168.2.99->rootcheck |1 |
(win2003-tbv3) any->ossec |1 |
(win2003-tbv4) any->rootcheck |1 |
enigma->/var/log/secure |1 |
enigma->dcid@127.0.0.1->syscheck |1 |
enigma->rootcheck |1 |
5 of 6 23/04/2009 11:53 AM
Manual: Reporting tool http://www.ossec.net/main/manual/manual-reporting-tool/
Recent Entries
>Rootcheck updated to v2.0Mar 6
>OSSEC v2.0 releasedFeb 27
>v2.0 - What is comingJan 20
>OSSEC v1.6.1 releasedOct 9
(Archives)
Shortcuts
>Getting Started
>First steps
>Manual | Wiki
>Commercial Support
News/Announcements
>Join OSSEC Linked-in Group
>Join Mailing List
6 of 6 23/04/2009 11:53 AM