On Fri, Jul 21, 2017 at 5:27 AM, <yugandhar.dev...@gmail.com> wrote: > Hi all, > > I am new to ossec. I would like to monitor process through ossec. My plan is > need to get the notification if some one start any new process or stop/kill > any process. > Can some one help me >
If there is a way to log all processes that are started, you could configure OSSEC to read that log. Then create alerts or whatnot for the entries. Or, you could do a full_command with some `ps` wizardry. > ---- > thanks, > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
