Вопросы Теги

OSSEC Exclude Sub-directory Alerts

I have added this rule to receive real-time alerts but I would like to modify it or add another rule so that I can exclude the sub-folder var/www/html/wp-content/cache

<directories report_changes="yes" realtime="yes" restrict=".php|.js|.py|.sh|.html" check_all="yes">/var/www</directories>

can this be done?

1
задан 16 September 2016 в 00:21
1 ответ

добавьте директиву игнорирования в ваш файл ossec-server.conf. 

<ignore>sub-dir</ignore>
1
ответ дан 3 December 2019 в 23:41