ClamAV is an antivirus software. OSSEC is an HIDS. In OSSEC there are not virus signatures but it can parse ClamAV events and generates alert from them if you want.
A typical scenario can be like this; You deploy ClamAV + OSSEC to all your clients. Whenever there is a virus activity, ClamAV catches it (by cron scannings etc...) and OSSEC generates alarm for them. OSSEC can also control for ClamAV (and like) system softwares integrity. For example if a malware corrupts your ClamAV files, OSSEC can catch it if you monitor it. 6 Ekim 2015 Salı 12:08:14 UTC+3 tarihinde Paul Targett yazdı: > > Hi, I'm trying to determine if I need CLAM AV if I already have OSSEC > running on Centos 7. > > I've seen a couple of articles saying it isn't required. Would welcome > views. > > PT > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
