A container element for the rules of the ruleset.

Location

/ patterndb / ruleset / rules

Attributes

N/A

Children

  • rule: A rule that contains the message patterns and classification data used to recognize matching log messages. For details, see Element: rule.

Example

<rules>
    <rule provider='me' id='182437592347598' class='system'>
        <patterns>
            <pattern>Accepted @STRING:SSH_AUTH_METHOD:-_@ for @STRING:SSH_USERNAME:._-@ from @IPvANY:SSH_CLIENT_ADDRESS@ port @NUMBER:SSH_PORT_NUMBER@ ssh2</pattern>
        </patterns>
    </rule>
</rules>

Updated: