I have recently installed OSSEC on the office infrastructure, both server and agent for each container on the servers.
I have configured it, the server and the authenticated the agents, that are active.
How do I trigger a rootkit scan? On the documentation and books it is not very explicit how to start scaning the agent for rootkits?
And what about the slack notifications? I have configured, can receive notifications but not alerts notification or scan notification?
Kindly appreciate the help.
Support/Development for OSSEC