All, I'm looking for best practices for rolling out OSSEC to cloud based environments such as AWS. One of the biggest problems I'd like to address is developer environments that may be constantly going up and down. Ideally I'd be able to put together a prebaked AMI that has an OSSEC agent already installed and preconfigured to talk to an OSSEC server.
One idea I had was to setup a Serf cluster, http://www.serfdom.io/, for OSSEC, which would use a shared secret and monitor join/leave events to correctly populate the client.keys. --Josh -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
