Supported Systems

OSSEC supports the following operating systems and log formats.

Operating Systems

The following operating systems are supported by the OSSEC agent:

  • GNU/Linux (all distributions, including RHEL, Ubuntu, Slackware, Debian, etc)

  • Windows XP, 2003, Vista, 2008, 2012

  • VMWare ESX 3.0,3.5 (including CIS checks)

  • FreeBSD (all current versions)

  • OpenBSD (all current versions)

  • NetBSD (all current versions)

  • Solaris 2.7, 2.8, 2.9, 10 and 11.4

  • AIX 5.2 and 5.3

  • Mac OS X 10.x

  • HP-UX 11

Devices supported via Syslog

These systems/devices are also supported via remote syslog:

  • Cisco PIX, ASA and FWSM (all versions)

  • Cisco IOS routers (all versions)

  • Juniper Netscreen (all versions)

  • SonicWall firewall (all versions)

  • Checkpoint firewall (all versions)

  • Cisco IOS IDS/IPS module (all versions)

  • Sourcefire (Snort) IDS/IPS (all versions)

  • Dragon NIDS (all versions)

  • Checkpoint Smart Defense (all versions)

  • McAfee VirusScan Enterprise (v8 and v8.5)

  • Bluecoat proxy (all versions)

  • Cisco VPN concentrators (all versions)

  • VMWare ESXi 4.x

Devices and Operating Systems via Agentless

Using OSSEC agentless options, the following systems are also supported (for log analysis and file integrity checking):

  • Cisco PIX, ASA and FWSM (all versions)

  • Cisco IOS routers (all versions)

  • Juniper Netscreen (all versions)

  • SonicWall firewall (all versions)

  • Checkpoint firewall (all versions)

  • All operating systems specified in the “operating systems” section