OSSEC v2.8 Copyright (C) 2014 Trend Micro Inc.
To enable the Prelude SIEM sensor, run this in the src directory:
make setprelude
OSSEC is a full platform to monitor and control your systems. It combines all aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM (security information and event management) in a simple, powerful and open source solution.
Visit our website for the latest information: ossec.github.io
The current stable releases are available on the OSSEC website.
- Releases can be downloaded from: Downloads
- Release documentation is available at: OSSEC’s documentation
The development version is hosted on GitHub and just a simple git clone away.
$ (ossec_version="2.8.2" ; ossec_checksum="a0f403270f388fbc6a0a4fd46791b1371f5597ec" ; cd /tmp/ && wget "https://github.com/ossec/ossec-hids/archive/${ossec_version}.tar.gz" && mv "${ossec_version}.tar.gz" "ossec-hids-${ossec_version}.tar.gz" && checksum=$(sha1sum "ossec-hids-${ossec_version}.tar.gz" | cut -d" " -f1); if [ "$checksum" = "$ossec_checksum" ]; then tar xfz "ossec-hids-${ossec_version}.tar.gz" && cd "ossec-hids-${ossec_version}" && sudo ./install.sh ; else echo "Wrong checksum. Download again or check if file has been tampered with."; fi)
Then follow the prompts. You should still read the documentation here.
- OSSEC comes with a modified version of zlib and a small part of openssl (sha1 and blowfish libraries)
- This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).
- This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)
- This product includes software developed by the zlib project (Jean-loup Gailly and Mark Adler).
- This product includes software developed by the cJSON project (Dave Gamble)