Hi, check out this post: http://santi-bassett.blogspot.com.es/2015/08/how-to-monitor-running-processes-with-ossec.html
I hope it helps. On Saturday, July 22, 2017 at 3:03:25 AM UTC+2, CEH wrote: > > Check Nagios for process monitoring > > On 22-Jul-2017 02:54, "dan (ddp)" <ddp...@gmail.com <javascript:>> wrote: > > On Fri, Jul 21, 2017 at 5:27 AM, <yugandha...@gmail.com <javascript:>> > wrote: > > Hi all, > > > > I am new to ossec. I would like to monitor process through ossec. My > plan is > > need to get the notification if some one start any new process or > stop/kill > > any process. > > Can some one help me > > > > If there is a way to log all processes that are started, you could > configure OSSEC to read that log. Then create alerts or whatnot for > the entries. > Or, you could do a full_command with some `ps` wizardry. > > > ---- > > thanks, > > > > -- > > > > --- > > You received this message because you are subscribed to the Google Groups > > "ossec-list" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to ossec-list+...@googlegroups.com <javascript:>. > > For more options, visit https://groups.google.com/d/optout. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+...@googlegroups.com <javascript:>. > For more options, visit https://groups.google.com/d/optout. > > > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
