Re: [ossec-list] Testing integratord

2016-01-28 Thread Marcelo 
Dear Daniel,

I did the installation of integrator, but I do not understand why my
server had lost the connection with my agents. To service back works, I
need restart the ossec. Can you help me?

I have downloaded this: dcid-ossec-hids-d29f2859d5c6.tar.gz
PS: Apologize me for my poor english, my Portuguese is better

Em 27-01-2016 16:57, Daniel Cid escreveu:
> I have been working on the integrator daemon (ossec-integratord) to
> allow OSSEC
> to easily integrate with external APIs to send alerts & notifications.
> 
> I have pushed it to my personal fork and I am looking for testers, and
> people interested to try it out to help flush out any bugs/issues.
> 
> So far, we added support for Slack & PagerDuty.
> 
> Latest code for it here:
> https://bitbucket.org/dcid/ossec-hids/src/3ed5ef68d33be4c36edba32e3893d30f7bbbc4e9/src/os_integrator/?at=default
> 
> And setup instructions:
> https://blog.sucuri.net/2016/01/server-security-integrating-ossec-with-slack-and-pagerduty.html
> 
> *you should be able to safely upgrade directly to:
> https://bitbucket.org/dcid/ossec-hids/get/tip.tar.gz if that makes it
> easier.
> 
> 
> Also, if you have suggestions for more integrations, let me know.
> 
> thanks!
> 
> -- 
> 
> ---
> You received this message because you are subscribed to the Google
> Groups "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to ossec-list+unsubscr...@googlegroups.com
> .
> For more options, visit https://groups.google.com/d/optout.

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ossec-list] Testing integratord

2016-01-28 Thread Daniel Cid 
Mind sending the last 20-30 lines of your ossec.log? It can give us an idea
to what is going on.

thanks,

On Thu, Jan 28, 2016 at 1:42 PM, Marcelo  wrote:

> Dear Daniel,
>
> I did the installation of integrator, but I do not understand why my
> server had lost the connection with my agents. To service back works, I
> need restart the ossec. Can you help me?
>
> I have downloaded this: dcid-ossec-hids-d29f2859d5c6.tar.gz
> PS: Apologize me for my poor english, my Portuguese is better
>
> Em 27-01-2016 16:57, Daniel Cid escreveu:
> > I have been working on the integrator daemon (ossec-integratord) to
> > allow OSSEC
> > to easily integrate with external APIs to send alerts & notifications.
> >
> > I have pushed it to my personal fork and I am looking for testers, and
> > people interested to try it out to help flush out any bugs/issues.
> >
> > So far, we added support for Slack & PagerDuty.
> >
> > Latest code for it here:
> >
> https://bitbucket.org/dcid/ossec-hids/src/3ed5ef68d33be4c36edba32e3893d30f7bbbc4e9/src/os_integrator/?at=default
> >
> > And setup instructions:
> >
> https://blog.sucuri.net/2016/01/server-security-integrating-ossec-with-slack-and-pagerduty.html
> >
> > *you should be able to safely upgrade directly to:
> > https://bitbucket.org/dcid/ossec-hids/get/tip.tar.gz if that makes it
> > easier.
> >
> >
> > Also, if you have suggestions for more integrations, let me know.
> >
> > thanks!
> >
> > --
> >
> > ---
> > You received this message because you are subscribed to the Google
> > Groups "ossec-list" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> > an email to ossec-list+unsubscr...@googlegroups.com
> > .
> > For more options, visit https://groups.google.com/d/optout.
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ossec-list+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ossec-list] Testing integratord

2016-01-27 Thread Daniel Cid 
I have been working on the integrator daemon (ossec-integratord) to allow
OSSEC
to easily integrate with external APIs to send alerts & notifications.

I have pushed it to my personal fork and I am looking for testers, and
people interested to try it out to help flush out any bugs/issues.

So far, we added support for Slack & PagerDuty.

Latest code for it here:
https://bitbucket.org/dcid/ossec-hids/src/3ed5ef68d33be4c36edba32e3893d30f7bbbc4e9/src/os_integrator/?at=default

And setup instructions:
https://blog.sucuri.net/2016/01/server-security-integrating-ossec-with-slack-and-pagerduty.html

*you should be able to safely upgrade directly to:
https://bitbucket.org/dcid/ossec-hids/get/tip.tar.gz if that makes it
easier.


Also, if you have suggestions for more integrations, let me know.

thanks!

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ossec-list] Testing integratord

2016-01-27 Thread Santiago Bassett 
Thanks Daniel! I'll definitely try the integration with Slack. Cool stuff.

On Wed, Jan 27, 2016 at 10:57 AM, Daniel Cid  wrote:

> I have been working on the integrator daemon (ossec-integratord) to allow
> OSSEC
> to easily integrate with external APIs to send alerts & notifications.
>
> I have pushed it to my personal fork and I am looking for testers, and
> people interested to try it out to help flush out any bugs/issues.
>
> So far, we added support for Slack & PagerDuty.
>
> Latest code for it here:
>
> https://bitbucket.org/dcid/ossec-hids/src/3ed5ef68d33be4c36edba32e3893d30f7bbbc4e9/src/os_integrator/?at=default
>
> And setup instructions:
>
> https://blog.sucuri.net/2016/01/server-security-integrating-ossec-with-slack-and-pagerduty.html
>
> *you should be able to safely upgrade directly to:
> https://bitbucket.org/dcid/ossec-hids/get/tip.tar.gz if that makes it
> easier.
>
>
> Also, if you have suggestions for more integrations, let me know.
>
> thanks!
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ossec-list+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ossec-list] Testing integratord

2016-01-27 Thread Alberto Mijares 
Hi Daniel,

This is great! I don't have time right now for testing but I have a
suggestion: the next step should be the integration with RT and RTIR.

Thank you for this work.

Best regards,


Alberto Mijares



On Wed, Jan 27, 2016 at 2:27 PM, Daniel Cid  wrote:
> I have been working on the integrator daemon (ossec-integratord) to allow
> OSSEC
> to easily integrate with external APIs to send alerts & notifications.
>
> I have pushed it to my personal fork and I am looking for testers, and
> people interested to try it out to help flush out any bugs/issues.
>
> So far, we added support for Slack & PagerDuty.
>
> Latest code for it here:
> https://bitbucket.org/dcid/ossec-hids/src/3ed5ef68d33be4c36edba32e3893d30f7bbbc4e9/src/os_integrator/?at=default
>
> And setup instructions:
> https://blog.sucuri.net/2016/01/server-security-integrating-ossec-with-slack-and-pagerduty.html
>
> *you should be able to safely upgrade directly to:
> https://bitbucket.org/dcid/ossec-hids/get/tip.tar.gz if that makes it
> easier.
>
>
> Also, if you have suggestions for more integrations, let me know.
>
> thanks!
>
> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "ossec-list" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ossec-list+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.