Stupid question but I can't tell if the HIDS is doing anything. I have it set to send information to OSSIM and email alerts as well.
Only thing -- if nothing changes on the system I don't get any messages. This is problematic since I need to provide metrics to management. I know I can use ./list_agents -c but looking more. Is there a way to send "heartbeats"? Looking for a way to send a status message from the host to the server, say every 5 mins. Would be really nice to have the total # of alerts for the day so far and time the last alert was sent. It seems this is available in the WUI but I don't use that all the time. Would like to get this all into OSSIM. Thanks
