Hi, just in case anyone is interested, I published a little article about it a few days ago. Basically describes how to run remote commands to list remote processes and write rules to alert one important ones are not running.
http://santi-bassett.blogspot.com/2015/08/how-to-monitor-running-processes-with-ossec.html Best regards -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
