Hello, I need to use OSSEC for an intrusion detection research project along with Snort, based on the DARPA 1999 dataset. I would like to feed DARPA network traffic to Snort and then run OSSEC on Solaris BSM log data and Windows NT audit data. (They are here: http://www.ll.mit.edu/mission/communications/ist/corpora/ideval/data/1999/training/week2/index.html)
I cannot figure out how I can use these data on OSSEC. Has anybody tried that? Can anybody advise me on how this could happen?

Thanks,
Giorgos
