I've never made any changes to my base OSSEC configuration
specifically for SELinux. On my RHEL4&5 machines, when SELinux writes
errors to /var/log/messages, OSSEC sends out an alert. It would
probably be better to set up specific rules but just FYI you get some
value without changing the basic install.
On May 19, 11:03 am, carlopmart <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> Which is the best form to integrate/cooperate ossec with selinux?? I have 7
> xen virtualized guests using ossec under rhel5 and I need to setup selinux in
> all of them (customer security police). Any hint or tip??
>
> Many thanks.
>
> --
> CL Martinez
> carlopmart {at} gmail {d0t} com
