We just uploaded a snippet written earlier this year. It requires regexp.py and can automatically identify the type of log a given IP is sending via syslog.
About the Author: Dominique Karg
TAGS: siem, ossim, alienvault, plugin, detection