On Wed, Sep 19, 2012 at 1:09 PM, dan (ddp) <[email protected]> wrote: > On Wed, Sep 19, 2012 at 6:22 AM, C. L. Martinez <[email protected]> wrote: >> Hi all, >> >> Somebody have tried to configure OSSEC to extract alerts from a >> McAfee ePO server that uses a sql express a database repositories for >> events?? I am trying to extract some info from ePO database like >> events, virus detected, etc and then parse with OSSEC. >> >> Thanks. > > What are your plans for getting the events out of the db? I didn't get > to do any admin work with epo, but I remember there were issues > integrating parts of it with other products.
My idea is to launch a sql script and redirect its output to a log file. After that, ossec can read it and trigger an alert if it is necessary.
