This is an active response script for OSSEC(https://www.ossec.net/), written in perl, to send jabber(xmpp) messages of certain alerts.
- sendxmpp program
- OSSEC Perl Module
The stable version can always be installed from CPAN using the cpan tool of your linux distribution.
For installing fresh from the git repository you need a perl installation including the Dist::Zilla package. The use of plenv(https://github.com/tokuhirom/plenv) is encouraged.
git clone https://gitcloud.federationhq.de/byterazor/App-OSSEC-Jabber.git cd App-OSSEC-Jabber dzil build cpanm App-OSSEC-Jaber<version>.tar.gz
- Please link the script into your OSSEC active response bin directory to be able to execute it.
- configure the command in your ossec.conf
- configure the active response for every alert leve/ rule you want the command to be triggert
- place a jabber.conf file in your ossec etc directory
<config> <options>-t</options> <recipients> <recipient>firstname.lastname@example.org</recipient> </recipients> </config>
Plase make sure sendxmpp is installed and you have a working configuration to send jabber messages to your recipients.
Dominik Meyer email@example.com