Couldn't find anything so I coded up something. https://github.com/iam1980/ossec-email-abuse
I'm testing it in OSSEC ver. 2.7 and it seems to be working. Feel free to make any modifications Cheers On Saturday, January 26, 2013 12:22:55 PM UTC+2, Iraklis Mathiopoulos wrote: > > Hey guys, > > Any progress on this? > > Cheers, > > Iraklis > > On Monday, June 4, 2012 8:00:59 PM UTC+3, Ryan Schulze wrote: >> >> Hi Chris, >> >> sorry to dig up this old mail, just wanted to ask if you stumbled across >> anything interesting since I was also thinking about automatic generation >> of abuse mails with OSSEC? >> >> Ryan >> >> >> On Wednesday, December 21, 2011 10:32:41 AM UTC-6, Chris Warren wrote: >>> >>> Hi all, >>> Has anyone attempted, or done this? >>> When triggered, it would look up the whois record for the IP and find >>> the abuse contact, sending them an email with the notification. >>> Just wanted to check around before adding it to my to-do list ;) >>> >>> Being the abuse contact for about 25,000 IPs, I get many emails like >>> this from things like BFD, and find them very useful (usually in >>> identifying hacked machines, but sometimes naughty customers). The fact >>> that I act on these emails tells me that others out there do as well. >>> >>> Sorry if this has been discussed before. I did a bit of searching but >>> didn't come up with anything. >>> >>> Chris >>> >>> --
