OSSEC Training image for ISLET
Training for OSSEC. Unsafe, runs as root because OSSEC requires that.
- Tarball in /root, untar, compile, and install
- Start Rsyslog: service rsyslog start
- Start OSSEC: /var/ossec/bin/ossec-control start
- Edit ossec.conf to monitor log files in /var/log/
- Read alerts file: tail -f /var/ossec/logs/alerts/alerts.log
- Write rules, configure e-mail, etc.
Docker Pull Command