The following link should give some help with configuring rootcheck: http://www.ossec.net/main/manual/configuration-options/#rootcheck_options
The database support may help you create custom reports or interfaces that would be much more complicated to do with the log files. On Tue, Jul 6, 2010 at 5:24 AM, Bob Sauvage <[email protected]> wrote: > Hello people ! > > I want to know how works the RootKit detection with Ossec. > > How to configure the periodic scan like the integrity check ? With the > integrity check an option nammed "frequency" is present. > > Perhaps is it only manual check ? > > An another question, what is the advantage to use a database with Ossec ? > > Thanks for this info ! > > Have a nice day, > > Bob >
