How to analyze/monitor OSSEC on Ubuntu
Posted: Tue Apr 26, 2022 3:03 pm
I'm using OSSEC server (free version) to monitor machines with OSSEC agents, which monitor logins via SSH, file creation, etc.
I have configured OSSEC to send an email when it detects a problem, but this control/monitoring mode is very bad for data control and search.
How can I analyze/monitor OSSEC with something like a dashboard showing all log occurrences? Analyze by type of threat, date of occurrence, etc.