Dominik Meyer
dd5db00d96
|
||
|---|---|---|
| bin | ||
| lib | ||
| .gitignore | ||
| LICENSE.txt | ||
| README.md | ||
| dist.ini | ||
README.md
OSSEC Module
Description
This is a collection of perl modules and scripts simplifying working with OSSEC(https://www.ossec.net/) from perl.
Modules
OSSEC
Main module of this distribution. Provides OSSEC configuration file parsing to read database credentials from it.
Using methods of the OSSEC module makes sure that the base path to OSSEC is always set in the other modules.
OSSEC::Log
Simplifies logging to files, e.g. for active response at the moment. You are able to use different logging types (info,error,fatal,debug) and select the file to log to.
OSSEC::MySQL
Simplifies to query and work with OSSEC and its MySQL database output. At the moment you are able to search for an alert given by its id. Update the signature table within the database, which is not done by the current(3.5.0) version of OSSEC.
Scripts
ossec-update-agents-database.pl
Updates the agent tabes within the MySQL database.
ossec-update-rules-database.pl
Parses all the rules files of OSSEC and updates the signature table wthin the MySQL database.
Installation
Stable Version
The stable version can always be installed from CPAN using the cpan tool of your linux distribution.
Git install
For installing fresh from the git repository you need a perl installation including the Dist::Zilla package. The use of plenv(https://github.com/tokuhirom/plenv) is encouraged.
git clone https://gitcloud.federationhq.de/byterazor/OSSEC.git
cd OSSEC
dzil build
cpanm OSSEC-<version>.tar.gz
Author
Dominik Meyer dmeyer@federationhq.de
License
GPLv3