OSSEC is a full platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM together in a simple, powerful and open source solution.
For log monitoring/alerting:
Real-time and Configurable Alerts
OSSEC lets customers configure incidents they want to be alerted on which lets them focus on raising the priority of critical incidents over the regular noise on any system. Integration with smtp, sms and syslog allows customers to be on top of alerts by sending these on to e-mail and handheld devices such as cell phones and pagers. […]
Every operating system, application, and device on your network generates logs (events) to let you know what is happening. OSSEC collects, analyzes and correlates these logs to let you know if something wrong is going on (attack, misuse, errors, etc).
Here is an article about OSSEC on 360° Security.
A professional commercial alternative: EventTracker (Prism Microsystems):
EventTracker is a complete Security information and Event Management (SIEM) solution that combines real-time Log Management with powerful Configuration and Change Management in one turnkey software package.
Original source: https://www.jb51.cc/windows/369357.html