Hi All!
I have a question about file integrity check. The rules work fine
except it lacks a bit of information.
Like witch user or app modified the file. I can achieve this by
cross referencing with other log
Files but it would be nice if OSSEC came up with something to
correlate this informationSo if someone wrote a script or rule that that collects this information I would greatly appreciate it Thank you Dan
