OSSEC supports MySQL and PostgreSQL database outputs.
These configurations options can be specified in the server or local install ossec.conf file.
IP Address of the database server.
Allowed: any valid IP address
Username to access the database.
Allowed: Any Valid Username
Password to access the database.
Allowed: Any Password
Database name to store the alerts.
Allowed: database name
Type of database (Mysql or PostgreSQL).
OSSEC must be compiled with the database type that is to be used.
You must have the MySQL or PgSQL Client libraries installed on the OSSEC server.
Before you run the ”./install.sh” script execute the following to compile OSSEC with database support.
# cd ossec-hids-* # cd src; make setdb; cd .. # ./install.sh
After installation is complete database support needs to be enabled. The following command will enable the database daemon on the next restart.
# /var/ossec/bin/ossec-control enable database