byterazor
/
OSSEC
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
collection of perl modules and scripts simplifying working with OSSEC(https://www.ossec.net/) from perl.
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11 Commits
1 Branch
0 Tags
52 KiB
Perl 100%
 
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Go to file
Dominik Meyer dd5db00d96
ADD: updated README.md 		3 years ago
bin ADD: script to update agent table in ossec database 3 years ago
lib ADD: module documentation and mysql support of OSSEC.pm 3 years ago
.gitignore ADD: ignore some files 3 years ago
LICENSE.txt ADD: LICENSE.txt 3 years ago
README.md ADD: updated README.md 3 years ago
dist.ini ADD: basic logging infrastructure 3 years ago

README.md

OSSEC Module

Description

This is a collection of perl modules and scripts simplifying working with OSSEC(https://www.ossec.net/) from perl.

Modules

OSSEC

Main module of this distribution. Provides OSSEC configuration file parsing to read database credentials from it.

Using methods of the OSSEC module makes sure that the base path to OSSEC is always set in the other modules.

OSSEC::Log

Simplifies logging to files, e.g. for active response at the moment. You are able to use different logging types (info,error,fatal,debug) and select the file to log to.

OSSEC::MySQL

Simplifies to query and work with OSSEC and its MySQL database output. At the moment you are able to search for an alert given by its id. Update the signature table within the database, which is not done by the current(3.5.0) version of OSSEC.

Scripts

ossec-update-agents-database.pl

Updates the agent tabes within the MySQL database.

ossec-update-rules-database.pl

Parses all the rules files of OSSEC and updates the signature table wthin the MySQL database.

Installation

Stable Version

The stable version can always be installed from CPAN using the cpan tool of your linux distribution.

Git install

For installing fresh from the git repository you need a perl installation including the Dist::Zilla package. The use of plenv(https://github.com/tokuhirom/plenv) is encouraged.

git clone https://gitcloud.federationhq.de/byterazor/OSSEC.git
cd OSSEC
dzil build
cpanm OSSEC-<version>.tar.gz

Author

Dominik Meyer dmeyer@federationhq.de

License

GPLv3