OSSEC Documentation

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows. A list of all supported platforms is available at Supported Systems.

Note

OSSEC+ extends OSSEC with additional capabilities such as ELK integration, community threat sharing, and machine learning. Registration is free.

Getting Started

Manual

Reference

Release Notes

FAQ & Cookbooks

Development

Indices and tables