If you're using Puppet to manage the configuration of your systems the ossec puppet module I wrote does just what you're looking for.
https://github.com/deadpoint/ossec -- Later, Darin On Sun, Apr 6, 2014 at 1:14 PM, Joshua Garnett <[email protected]> wrote: > All, > > I'm looking for best practices for rolling out OSSEC to cloud based > environments such as AWS. One of the biggest problems I'd like to address > is developer environments that may be constantly going up and down. Ideally > I'd be able to put together a prebaked AMI that has an OSSEC agent already > installed and preconfigured to talk to an OSSEC server. > > One idea I had was to setup a Serf cluster, http://www.serfdom.io/, for > OSSEC, which would use a shared secret and monitor join/leave events to > correctly populate the client.keys. > > --Josh > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
