It does not monitor the network. Forward IDS logs via syslog to OSSEC and you should be fine (some decoders may need to be written). OSSEC also supports other snort log formats, but I can't remember what they are off hand.
On Fri, Apr 6, 2012 at 10:48 AM, Qasim Ijaz <[email protected]> wrote: > Does OSSEC monitor logs only (not network traffic)? If so, can I make > it monitor logs generated by and IDS like snort?
