I took a look and it looks great, but I was wondering if you had any customized dashboards or favorite OSSEC rules to share?
Thanks for all the great work.

On Tuesday, December 22, 2015 at 10:44:07 PM UTC-5, Santiago Bassett wrote:
>
> Hi,
>
> in case you are interested, we have done some work integrating OSSEC with
> ELK (especially for those using them to be compliant with PCI DSS, not sure
> if this is the case), including the creation of Kibana dashboards.
>
> We have also created a RESTful API for OSSEC that we plan to use with new
> Kibana plugins functionality (added in version 4.2), to be able to
> monitor/control your OSSEC deployments from Kibana (e.g. agent status,
> syscheck or rootcheck settings, agent keys, loaded rules...)
>
> See more info on our website at:
> http://documentation.wazuh.com/en/latest/ossec_elk.html
>
> Best regards,
>
> Santiago.
>
> On Thu, Dec 17, 2015 at 8:24 AM, <[email protected]> wrote:
>
>> I've been tasked with tuning OSSEC.
>>
>> I'm wondering if there is a general guideline or process. We have OSSEC
>> feeding into ELK stack. What are folks' thoughts on tuning vs. coming up
>> with better Kibana hunting searches?
>>
>> Thanks!
