Hi, I'm collecting information for a project that starts up when I get back to work in October. I have tried out OSSEC on a few lab hosts for a year or so.
So now we will try to collect "all" our logs through OSSEC, then send them to Graylog2 with a MongoDB backend. Has anyone tried this, or is everyone going Snort nowadays?

--
Regards
Falk
