To be more precise: this is the most valuable link I found: http://blog.kintoandar.com/2011/01/nagios-nrpe-ossec-check.html I am still interested in other peoples' implementations.
Op woensdag 5 februari 2014 14:45:26 UTC+1 schreef Michiel van Es: > > Yes, First 3 hits about mail scripts (nagios exchange) and 'swatch alike > scripts' but not a lot of specific setup information. > That is why I ask it here what people use nowadays and how their setup > looks like. > > Michiel > > Op woensdag 5 februari 2014 14:32:47 UTC+1 schreef Darin Perusich: >> >> Have you asked Google? >> -- >> Later, >> Darin >> >> >> On Wed, Feb 5, 2014 at 6:47 AM, Michiel van Es <[email protected]> >> wrote: >> > Hello, >> > >> > I was wondering if someone already used the OSSEC and Nagios to >> generate >> > alerts ? >> > I have the following idea in my head: alert of level 11+ will be seen >> by a >> > monitor/swatch script tailing the /var/ossec/logs/alerts/alerts.log >> logfile >> > and generates an alert/trigger and sends it to Nagios. >> > Nagios generates an alert, shows in on a dashboard. >> > Engineer fixes the issue or filters the alert (in case of a false >> positive) >> > and OK/ACK the alert in Nagios. >> > >> > Or has someone else a better idea how to integrate these 2 together? >> > >> > All tips are more then welcome! >> > >> > Michiel >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> Groups >> > "ossec-list" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an >> > email to [email protected]. >> > For more options, visit https://groups.google.com/groups/opt_out. >> > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
