One of my web servers is getting flooded with requests to resources that do not exist anymore, generating the corresponding 404 error. As I'm using OSSEC and OSSIM, then these errors are sent to the OSSEC server (OSSIM), flooding it as well.

I want to filter out these errors so only the ones regarding to non-existent php files are reported, but I've been playing with OSSIM's policies and I didn't manage to achieve this.

How could I do it?

1 Answer 1


Read up on "conditional logging" http://httpd.apache.org/docs/2.0/mod/mod_log_config.html

You must log in to answer this question.