Prelude support for Ossec
By Sebastien Tricaud on Sunday, October 7 2007, 22:35
OSSEC HIDS is a host-based intrusion detection system that performs log
analysis, integrity checking, Windows registry monitoring, rootkit
detection, real-time alerting and active response.
It is now able to communicate with and use all the features of the Prelude IDS framework. You can find more information about this in the email that I sent on the mailing list here. Please test and report bugs, so that the upcoming release will have strong and rocking Prelude support.
Mandatory screenshot:

Comments
I followed the instructions to register the OSSEC server with Prelude but the sensor doesn't appear in Prewikka. OSSEC is working and I'm at a loss. Any ideas? Thanks
pipo: Did you miss one of the following steps?
- Compiling the prelude support (type make setprelude in src/ directory)
- Enable Prelude output in the ossec.conf file (<prelude_output>yes</prelude_output>)
- Register your analyzer (with prelude-admin)
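
A check for the second step in the list above, as an added example that is not from the original post or from the OSSEC project: it reports whether `prelude_output` is really in effect in an ossec.conf, including the case where the option is present but sits inside an XML comment. The function name, the sample configs, the `<global>` placement and the handling of several `<ossec_config>` blocks are assumptions of this example.

```python
import re
import xml.etree.ElementTree as ET

def prelude_output_state(conf_text):
    """Classify the prelude_output setting found in ossec.conf text.

    Returns 'enabled', 'disabled', 'conflicting', 'commented-out' or 'missing'.
    """
    # Note whether the option appears inside an XML comment: it then looks
    # present to grep but is ignored by an XML parser.
    in_comment = any("<prelude_output>" in body
                     for body in re.findall(r"<!--(.*?)-->", conf_text, re.S))
    # Assumption: the file may hold several <ossec_config> blocks, which is not
    # a single-rooted XML document, so wrap it in a synthetic root element.
    root = ET.fromstring("<root>" + conf_text + "</root>")
    # ElementTree drops comments by default, so only live elements are seen.
    values = {(e.text or "").strip().lower() for e in root.iter("prelude_output")}
    if not values:
        return "commented-out" if in_comment else "missing"
    if values == {"yes"}:
        return "enabled"
    return "conflicting" if "yes" in values else "disabled"

# Constructed sample configs (not taken from a real host).
ENABLED = """
<ossec_config>
  <global>
    <prelude_output>yes</prelude_output>
  </global>
</ossec_config>
<ossec_config>
  <alerts><log_alert_level>1</log_alert_level></alerts>
</ossec_config>
"""
COMMENTED = """
<ossec_config>
  <global>
    <!-- <prelude_output>yes</prelude_output> -->
  </global>
</ossec_config>
"""
CONFLICTING = ENABLED + """
<ossec_config>
  <global><prelude_output>no</prelude_output></global>
</ossec_config>
"""

if __name__ == "__main__":
    for name, text in [("enabled", ENABLED), ("commented", COMMENTED),
                       ("conflicting", CONFLICTING)]:
        print(name, "->", prelude_output_state(text))
```

The check covers only the configuration step; it cannot tell whether the binary was built with `make setprelude` or whether the analyzer was registered with prelude-admin.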