##########################################################################
# $Id$
##########################################################################
# $Log: evtsecurity.conf,v $
# Revision 1.1 2007/04/28 22:50:24 bjorn
# Added files for Windows Event Log, by Orion Poplawski. These are for
# Windows events logged to a server, using Snare Agent or similar.
#
##########################################################################
# You can put comments anywhere you want to. They are effective for the
# rest of the line.
# this is in the format of <name> = <value>. Whitespace at the beginning
# and end of the lines is removed. Whitespace before and after the = sign
# is removed. Everything is case *insensitive*.
# Yes = True = On = 1
# No = False = Off = 0
Title = "Security Event Log"
# Which logfile group...
LogFile = eventlog
# Only give lines pertaining to the kernel service...
*EventLogOnlyService = security
*RemoveHeaders
# vi: shiftwidth=3 tabstop=3 et