1. Daniel Cid
  2. ossec-hids

Overview

OSSEC

OSSEC is an open source Host-Based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine that integrates log analysis, file integrity monitoring, centralized policy enforcement, rootkit detection, real-time alerting, and active response.

It provides a pretty complete coverage if you are looking for endpoint (server) monitoring.

Installation

If you have not used OSSEC before, I recommend reading this guide to get started:

http://dcid.me/texts/my-ossec-setup-manual.html

More details here:

http://dcid.me/ossec