Skeptor authored and vikman90 committed Sep 3, 2018
1 parent f10198e commit 35cd825164c7be31e91a5bd011f0c815b3a539d6
Showing with 7 additions and 0 deletions.
  1. +7 −0 rules/0015-ossec_rules.xml
@@ -183,6 +183,13 @@
<description>List of the last logged in users.</description>
<rule id="536" level="0">
<regex>'df -P':\s+/dev/loop\d+\s+\d+\s+\d+\s+0\s+100%\s+/snap/\w+/\d+</regex>
<description>Ignore snap disks because are always 100% of capacity</description>
<rule id="550" level="7">

