| Host |
$Target/Property[Type="Unix!Microsoft.Unix.Computer"]/PrincipalName$ |
Host where log file resides. |
 |
| RegExpFilter |
.*sshd.*Failed.*keyboard-interactive.*for.*root.* |
Regular expression to use for filtering log file records. |
|
| IndividualAlerts |
false |
The default behavior of this data source module is to search the UNIX/Linux log file for lines matching a rule, and present all matches as a single alert. If the ‘Individual Alert’ property is set to ‘true’, then the module will generate an individual alert for each line in the log file that matches the rule. |
|