AlienVault v5.1 is now available for OSSIM and USM. Learn more
Check out the new Open Threat Exchange (OTX) - with social sharing of threat data. Sign up today
I would like to ask one thing:
I have installed OSSIM version 4.0. I have configured snare on windows in order to send syslog events to OSSIM. OSSIM receives events correctly and stores them into a table called "acid_event".
Now I would like to ask you: what is the meaning of the field "ctx" and how can I read it?
I think that this field (ctx) contains the Raw events. If I'm wrong, in which table can I find the raw events?