62 lines
1.4 KiB
Markdown
62 lines
1.4 KiB
Markdown
# OSSEC-Jabber
|
|
|
|
## Description
|
|
|
|
This is an active response script for OSSEC(https://www.ossec.net/), written in perl,
|
|
to send jabber(xmpp) messages of certain alerts.
|
|
|
|
|
|
|
|
## Requirements
|
|
|
|
- Perl
|
|
- sendxmpp program
|
|
- OSSEC Perl Module
|
|
|
|
## INSTALL
|
|
|
|
### Stable Version
|
|
The stable version can always be installed from CPAN using the *cpan*
|
|
tool of your linux distribution.
|
|
|
|
### Git install
|
|
|
|
For installing fresh from the git repository you need a perl installation including the Dist::Zilla package. The use of plenv(https://github.com/tokuhirom/plenv) is encouraged.
|
|
|
|
```{r, engine='bash', code_block_name}
|
|
git clone https://gitcloud.federationhq.de/byterazor/App-OSSEC-Jabber.git
|
|
cd App-OSSEC-Jabber
|
|
dzil build
|
|
cpanm App-OSSEC-Jaber<version>.tar.gz
|
|
```
|
|
|
|
### OSSEC specific
|
|
|
|
- Please link the script into your OSSEC active response bin directory
|
|
to be able to execute it.
|
|
- configure the command in your ossec.conf
|
|
- configure the active response for every alert leve/ rule you want the command to be triggert
|
|
- place a jabber.conf file in your ossec etc directory
|
|
|
|
#### Example jabber.conf
|
|
```{r, engine='xml'}
|
|
<config>
|
|
<options>-t</options>
|
|
<recipients>
|
|
<recipient>your@jabber.de</recipient>
|
|
</recipients>
|
|
</config>
|
|
```
|
|
|
|
### sendxmpp
|
|
|
|
Plase make sure sendxmpp is installed and you have a working configuration to send jabber messages to your recipients.
|
|
|
|
## Author
|
|
|
|
Dominik Meyer <dmeyer@federationhq.de>
|
|
|
|
## LICENSE
|
|
|
|
GPLv3
|