This scenario serves as a guide on how to:
Analyze logs and generate alerts using OSSEC HIDS.
OBJECTIVES AND OUTCOME:
After completing this scenario you will be able to:
– Analyse Logs with OSSEC.
– Know how OSSEC generates alerts.
– Test logs using OSSEC’s inbuilt logtest tool.
– Write custom decoders.
– Define custom rules.
– Test custom decoders and rules.
– OSSEC and PCI compliance.
No prior competence is required for this scenario.
There are no recommended readings for this scenario.
This scenario was created by George Thuo.