Sophie

Sophie

distrib > * > cooker > x86_64 > by-pkgid > da2a89686a81980bc1060d2b1d9fea2f > files > 38

prelude-lml-1.0.1-1.x86_64.rpm

#####
#
# Copyright (C) 2003 G Ramon Gomez <gene at gomezbrothers dot com>
# Tyco Fire and Security GTS (www.tycofireandsecurity.com)
# All Rights Reserved
#
# This file is part of the Prelude-LML program.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; see the file COPYING.  If not, write to
# the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
#
#####

#####
#
# The rules included here were developed using Norton Antivirus Corportate
# Edition 7.60 events collected using NTSysLog.  Please report any 
# inconsistencies on other versions to G Ramon Gomez at the address provided
# above
#
#####

#LOG:Nov  3 17:10:28 mrfreeze.itg.sac.tfs norton antivirus[error] 5  Virus Found!Virus name: W32.Yaha.F@mm.enc in File: C:\Program Files\Exchsrvr\Mailroot\vsi 1\Queue\NTFS_6e44a57a01c3a270000282de.EML by: Realtime Protection scan.  Action: Clean failed : Quarantine failed : Access denied
regex=Virus Found!Virus name: (\S+) in File: (.+) by: (.+). Action: (.+); \
 classification.text=Virus found: $1; \
 id=1200; \
 revision=2; \
 analyzer(0).name=Norton Antivirus Corporate Edition; \
 analyzer(0).manufacturer=Symantec; \
 analyzer(0).class=Antivirus; \
 assessment.impact.severity=high; \
 assessment.impact.type=file; \
 assessment.impact.completion=succeeded; \
 assessment.impact.description=A virus has been identified by Norton Antivirus; \
 source(0).process.name=$3; \
 additional_data(0).type=string; \
 additional_data(0).meaning=File location; \
 additional_data(0).data=$2; \
 additional_data(1).type=string; \
 additional_data(1).meaning=Malware name; \
 additional_data(1).data=$1; \
 additional_data(2).type=string; \
 additional_data(2).meaning=Action taken; \
 additional_data(2).data=$4; \
 last

#LOG:Nov  6 00:23:51 superman.itg.sac.tfs norton antivirus[info] 16  Download of virus definition file from LiveUpdate server succeeded.
regex=Download of virus definition file from LiveUpdate server succeeded; \
 classification.text=Virus definition update; \
 id=1201; \
 revision=2; \
 analyzer(0).name=Norton Antivirus Corporate Edition; \
 analyzer(0).manufacturer=Symantec; \
 analyzer(0).class=Antivirus; \
 assessment.impact.severity=info; \
 assessment.impact.type=other; \
 assessment.impact.completion=succeeded; \
 assessment.impact.description=Norton Antivirus Virus definitions have been updated; \
 last

#LOG:Oct 23 08:46:50 smf-syslog-02 norton/smf-utility-01 antivirus[info] New virus definition file loaded. Version: 81019bn.
regex=New virus definition file loaded. Version: (\S+); \
 classification.text=Virus definition update; \
 id=1202; \
 revision=1; \
 analyzer(0).name=Norton Antivirus Corporate Edition; \
 analyzer(0).manufacturer=Symantec; \
 analyzer(0).class=Antivirus; \
 assessment.impact.severity=info; \
 assessment.impact.type=other; \
 assessment.impact.completion=succeeded; \
 assessment.impact.description=Norton Antivirus Virus definitions have been updated; \
 additional_data(0).type=string; \
 additional_data(0).meaning=Definition version; \
 additional_data(0).data=$1; \
 last

#LOG:Oct 25 11:28:00 smf-syslog-02 norton/smf-utility-01 antivirus[info] Update to computer SMF-SLS-CBROWN2 of virus definition file 81019bn failed. Status FFFFFFFF
regex=Update to computer (\S+) of virus definition file (\S+) failed. Status (\S+); \
 classification.text=Virus definition update; \
 id=1203; \
 revision=1; \
 analyzer(0).name=Norton Antivirus Corporate Edition; \
 analyzer(0).manufacturer=Symantec; \
 analyzer(0).class=Antivirus; \
 assessment.impact.severity=medium; \
 assessment.impact.type=other; \
 assessment.impact.completion=failed; \
 assessment.impact.description=Norton Antivirus Virus definition update to $1 failed.; \
 target(0).node.address(0).category=unknown; \
 target(0).node.address(0).address=$1; \
 target(0).node.name=$1; \
 additional_data(0).type=string; \
 additional_data(0).meaning=Definition version; \
 additional_data(0).data=$2; \
 additional_data(1).type=string; \
 additional_data(1).meaning=Error code; \
 additional_data(1).data=$3; \
 last

#LOG:Oct 23 09:05:04 smf-syslog-02 norton/smf-utility-01 antivirus[info] Removed Client SMF-HR-JLEE_::_CE2C654442CBAD576E3B25A97E378EFF Last Checkin Time: Thu Oct 19 18:33:08 2006
regex=Removed Client (\S+)_::\S+ Last Checkin Time: (.+); \
 classification.text=System unmanaged; \
 id=1204; \
 revision=1; \
 analyzer(0).name=Norton Antivirus Corporate Edition; \
 analyzer(0).manufacturer=Symantec; \
 analyzer(0).class=Antivirus; \
 assessment.impact.severity=medium; \
 assessment.impact.type=other; \
 assessment.impact.completion=failed; \
 assessment.impact.description=$1 hasn't checked in with Norton Antivirus Virus since $2.  Norton Antivirus is no longer managing it.; \
 target(0).node.address(0).category=unknown; \
 target(0).node.address(0).address=$1; \
 target(0).node.name=$1; \
 additional_data(0).type=string; \
 additional_data(0).meaning=Last checkin; \
 additional_data(0).data=$2; \
 last

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional