Daniel,
We've done that by using OSSEC to report to prelude-ids. Just set up
multiple OSSEC servers and have them report their events back to
prelude-ids. Prelude is very powerful, very easy to setup and very easy
to scale.
Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45
Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142
---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security
Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn
Stephen Bernacki wrote:
> Daniel,
>
> In the below message, you indicate that OSSEC has a default maximum
> limit of 256 clients. Given this limitation, what is the recommended
> way of deploying OSSEC in a large-scale environment? I'm currently
> evaluating the use of OSSEC in a 500+ Unix environment.
>
> Thank you,
> Steve
>
>
> Daniel Cid wrote:
>> Hi Pascal,
>>
>> Thanks for the bug report with the gdb output, it helps a lot to understand
>> what
>> is going on. OSSEC by default has a maximum limit of 256 agents and it
>> seems that
>> you have more than that and "ossec-remoted" is just crashing instead
>> of generating
>> an error about it.
>>
>
>
begin:vcard
fn:Adriel T Desautels
n:Desautels;Adriel T
org:Netragard, LLC.
adr:;;17 Sheldon Road;Mendham ;NJ;;USA
email;internet:[EMAIL PROTECTED]
title:Chief Technology Officer
tel;work:617-934-0269
tel;cell:617-633-3821
x-mozilla-html:FALSE
url:http://www.netragard.com
version:2.1
end:vcard
