On Wed, Mar 22, 2017 at 8:20 AM, Per-Erik Persson <[email protected]> wrote: > Is anyone working in this?
Not that I'm aware of. > Or is there any way to feed the journald logs the ossecagent? > Or am I supposed to install rsyslog and forward the logs to the ossec server? > Any way to feed ossec with logevents from elasticsearch? > Nothing built in. You could write a script to query ES and output the information to a file, and have OSSEC monitor that file. > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
