Sent from mobile device; please excuse brevity snd typos.
-------- Original message --------
From: Weezel <[email protected]>
Date: 09/10/2013 9:19 PM (GMT+00:00)
To: [email protected]
Subject: [ossec-list] OSSEC for Software Inventory
Has anyone used OSSEC for software inventory? I'd like to:
a) Be able to compile a list of systems that have a certain package installed
(which I am content to do with script-foo on the server).
b) Be informed via syslog or email of (un)installations of packages.
My initial attempt (on Redhat and clones) has been to use process monitoring on
the "rpm -qa | sort" command periodically along check_diff to alert on changes.
For some systems, especially desktops that can have thousands of installed
packages in our environment, it seems that there are too many characters are
being returned by the rpm command and output is getting truncated, and changes
to packages that sort closer to the end of the alphabet are being missed.
Is there an easier way to go about this?
Here's where I was getting my notes on process monitoring from:
hxxp://www.ossec.net/doc/manual/monitoring/process-monitoring.html
Thanks in advance!
Weezel
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
--
---
You received this message because you are subscribed to the Google Groups
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
