On Thu, Jul 10, 2014 at 10:06 PM, <
hxh...@gmail.com> wrote:
> To test, service ossec stop,
> To receive e-mail alerts after 30 minutes,
> The alarm for too long,
> Hackers enough to do a lot of things,
> How to modify the alarm time shorter? Thank you
>
There are some timeouts in the source. I'm sure if you search the
archives you can find what to change specifically.
> Rule:504 fired "Ossec agent disconnected"
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
ossec-list+...@googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.