It depends on your environment. If you install OSSEC in a web server, you will see alerts related to apache, access logs, wordpress, attacks. If you want to control your users, pay attention to ssh, ftp rules... It is a world of possibilities, I recommend you to install OSSEC and research the rules that appear.
Regards, Jesus Linares On Monday, April 18, 2016 at 5:15:57 PM UTC+2, [email protected] wrote: > > I was just wondering what are some top simple rules I can put into OSSEC? > > Also what are some of the top ways folks are using OSSEC to hunt for Evil? > > Thanks! > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
