##########################################################################
# $Id: evtsecurity.conf,v 1.1 2007/04/28 22:50:24 bjorn Exp $
##########################################################################
# $Log: evtsecurity.conf,v $
# Revision 1.1 2007/04/28 22:50:24 bjorn
# Added files for Windows Event Log, by Orion Poplawski. These are for
# Windows events logged to a server, using Snare Agent or similar.
#
##########################################################################

# Service definition for reporting on the Windows Security event log.
# The events are not read from a Windows host directly: they must already
# have been forwarded to this server (by Snare Agent or a similar agent)
# and written to the log files of the group named under LogFile below.
#
# NOTE(review): the report can only show what the agent forwarded and what
# the Windows audit policy recorded. An empty report is therefore not
# evidence of "no security events"; it may equally mean that forwarding
# stopped. Monitor event arrival separately.

# You can put comments anywhere you want to. They are effective for the
# rest of the line, so a '#' cannot be used inside a value.

# Settings are in the format <name> = <value>. Whitespace at the beginning
# and end of the lines is removed. Whitespace before and after the = sign
# is removed. Everything is case *insensitive*.

# Boolean spellings:
# Yes = True = On = 1
# No = False = Off = 0

# Heading under which this service's output is reported.
Title = "Security Event Log"

# Which logfile group this service reads its input from.
# Presumably defined by a logfile-group configuration of the same name;
# verify that the group exists and points at the forwarded event log.
LogFile = eventlog

# Only give lines pertaining to the security event log. Other forwarded
# event logs in the same logfile group are filtered out here.
*EventLogOnlyService = security
# Presumably strips the leading log header from each line before it is
# handed to the service script; confirm against the shared filter script.
*RemoveHeaders

# vi: shiftwidth=3 tabstop=3 et