OSSIM is a one-stop-shop for host and security monitoring - more details can be found at OSSIM (Open Source Security Information Management)
Anyway... it looks rather interesting, combining NESSUS, Nagios, OCS, Snare, Osiris...
The only problem is that the documentation is pretty poor IMHO.
localzuk (7th October 2008)
Hmm... I'll take a look at this, as it would be useful for centralising logging, and other monitoring - something I've been tasked with for these data protection rules.
I've had a play with it and it looks quite useful. I've got it set up with snare agent on one of our servers, sending windows events to the central location. I've also got it doing the OCS-NG bit, and a few other bits and pieces.
One thing - it is *very* resource hungry! I gave it a VM machine with 2 processors, 2GB ram and 24GB hard disk and it ran out of memory after about an hour. I'll keep on playing and hopefully figure out a good amount of memory for it.
I did notice that... I threw a little more RAM at it (4GB IIRC) and it still ate it all.Originally Posted by localzuk
I had it crashing with too little memory with 2GB so increased to 3.5GB and it then seemed to be happy. I think it is just one or 2 tasks that eat all the memory, as it only shoots up occasionally.
I've got it working now with snare and ocs. Just figuring out the remaining bits now...
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote