Supported Systems

OSSEC supports the following operating systems and log formats.

Operating Systems

The following operating systems are supported by the OSSEC agent:

• GNU/Linux (all distributions, including RHEL, Rocky, Ubuntu, Suse, Debian, etc)

• Windows XP, 2003, Vista, 2008, 2012, 2016, 2019, 2022, 10, 11

• VMWare ESX 3.0,3.5 (including CIS checks)

• FreeBSD (all current versions)

• OpenBSD (all current versions)

• NetBSD (all current versions)

• Solaris 2.7, 2.8, 2.9, 10 and 11.4

• AIX 7.2, 7.3

• Mac OS X 10.x+

• HP-UX 11

Devices supported via Syslog

These systems/devices are also supported via remote syslog:

• Cisco PIX, ASA and FWSM (all versions)

• Cisco IOS routers (all versions)

• Juniper Netscreen (all versions)

• SonicWall firewall (all versions)

• Checkpoint firewall (all versions)

• Cisco IOS IDS/IPS module (all versions)

• Sourcefire (Snort) IDS/IPS (all versions)

• Dragon NIDS (all versions)

• Checkpoint Smart Defense (all versions)

• McAfee VirusScan Enterprise (v8 and v8.5)

• Bluecoat proxy (all versions)

• Cisco VPN concentrators (all versions)

• VMWare ESXi 4.x

Devices and Operating Systems via Agentless

Using OSSEC agentless options, the following systems are also supported (for log analysis and file integrity checking):

• Cisco PIX, ASA and FWSM (all versions)

• Cisco IOS routers (all versions)

• Juniper Netscreen (all versions)

• SonicWall firewall (all versions)

• Checkpoint firewall (all versions)

• All operating systems specified in the “operating systems” section