Hi Group,
I am newbee to OSSEC, I am having three questions regrading OSSEC
implementation,
1) We are planning to install OSSEC on around 300+ Linux servers, What is
the best way for implementing the client? (Agentless / AgentBased interms of
performance)
2) How to change the default log path for OSSEC?
We want to store in /var/log/ossec instead of /var/ossec/log
3) How to capture the userdetails in real time monitoring or in syscheck?
Please provide me some hints / links if these questions already adressed...
Thanks a lot,
Regards,
-Gopal.C
