ospatrol.conf: Reports options¶
Overview¶
Supported types¶
Reports options are available in the the following installation types:
- server
- local
Location¶
All reports options must be configured in the /var/ospatrol/etc/ospatrol.conf and used within the <ospatrol_config> tag.
XML excerpt to show location:
<ospatrol_config>
<reports>
<!--
Reports options here
-->
</reports>
</ospatrol_config>
Options¶
- reports¶
- group¶
Filter by group/category.
Allowed: Any category used within OSPatrol Rules.
- categories¶
Filter by group/category.
Note
This is the same as the group option above.
Allowed: Any category used within OSPatrol Rules.
- rule¶
Rule ID to Filter for.
Allowed: Any Rule ID in OSPatrol Rules.
- level¶
Alert level to filter for. This is an inclusive option so all higher level alerts will also match.
Allowed: Any Alert level 1 to 16
- location¶
Filter by the log location or agent name.
Allowed: Any file path or hostname or network.
- srcip¶
Filter by the source ip of the event.
Allowed: Any hostname or network
- user¶
Filter by the user name. This will match on either srcuser or dstuser
Allowed: Any username
- title¶
The name of the report.
This is a required field for reports to function.
Allowed: Any Text
- email_to¶
The email address to send the completed report.
This is a required field for a report to function.
Allowed: Any email address
- showlogs¶
Include logs when creating the report
Allowed: yes/no
Default: no