OSSEC Alert: Multiple authentication failures

This rule is part of a beta feature. To learn more, contact Support.

Classification:

attack

Tactic:

Technique:

이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Goal

Detect when multiple failed authentication attempts are detected by OSSEC.

This rule lets you monitor if there are multiple authentication failures in a limited time interval.

Check the activity detected on the System: {{@syslog.hostname}}.
Analyze the rule that triggered along with the brief description and log message attached with the log:
- Rule ID: {{@rule_id}}
- Description: {{@description}}
- Log Message: {{@log}}
Inform your administrator to take further action for the detected failed activity.