OSSEC is a full platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM together in a simple, powerful and open source solution. It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.
OSSEC watches it all, actively monitoring all aspects of system activity with file integrity monitoring, log monitoring, rootcheck, and process monitoring. With OSSEC you won’t be in the dark about what is happening to your valuable computer system assets.
When attacks happen OSSEC lets you know through alert logs and email alerts sent to you and your IT staff so you can take quick actions. It also exports alerts to any SIEM system via syslog so you can get real-time analytics and insights into your system security events.
Got a variety of operating systems to support and protect? OSSEC has you covered with comprehensive host-based intrusion detection across multiple platforms including Linux, Solaris, AIX, HP-UX, BSD, Windows, Mac and VMware ESX.