Educause Security Discussion mailing list archives
Re: Administering OSSEC
From: Chris Green <cmgreen () UAB EDU>
Date: Tue, 16 Feb 2010 15:10:30 -0600
Excuse the really dumb OSSEC question but does it get to the point where it sends you email reports rather than individual alerts? We end up with a process where our "auditable" email reports go to a resource account mailbox where the tasked individual has to reply so we can prove that they are reviewed on a timely basis. I ended up using a very customized epylog to accomplish this but wouldn't mind looking at OSSEC again as at times I would like the real-time alerts. -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bradley, Stephen W. Mr. Sent: Tuesday, February 16, 2010 1:58 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Administering OSSEC We put OSSEC on our PCI servers (Linux and Windows) and have the management end of it running on one of our Syslog servers.
Current thread:
- Administering OSSEC Eric C. Lukens (Feb 16)
- <Possible follow-ups>
- Re: Administering OSSEC Kevin Wilcox (Feb 16)
- Re: Administering OSSEC Bradley, Stephen W. Mr. (Feb 16)
- Re: Administering OSSEC Chris Green (Feb 16)
- Re: Administering OSSEC Bradley, Stephen W. Mr. (Feb 16)
- Re: Administering OSSEC Will Froning (Feb 16)