I have alerts in the portscan.log file. If I use to unified2 logging BASE seems to not want to insert the portscans. If I revert back to the output database plugin then BASE inserts portscans.
I'm not sure how BASE works when it reads the portscan.log. Does BASE read the portscan.log, inset it into the main MySQL database under an acid table, and then display it in the BASE console?
Is there a way to force BASE to read the log file in?
Log in to post a comment.