Hello, My team is evaluating OSSEC and we're looking for a method to capture sudo commands when OOSEC detects the command has been executed. Is this on option that is available today to capture output?
Note: I did see question/response to this going back to 2010. Since I am new to OSSEC, I am inquiring to see if answer is still valid. If this is not an option, how have those using OSSEC addressed the need for capturing the commands being issued when running 'sudo' that maybe needed for one's auditing. Thanks Steve -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.