security elements.
A:The deployment
I thinks is very simple, but the first step is colected all information about
you configuration items (ITIL concept).
IP Hostname ServiceID agent
Q:What can we do ?
centralize all the log we want to analyse in one server ? What 's
about the network flow ? How does I know if ossec can deal with all
log entry ?
A: The network
flow is minimal but I warning with domain controller logs these expensive, the bandwidth
is low but de administration is heavy.
Q: put ossec client on the server and centralized logs where I don't have
the possibility to install a client ?
A: http://www.ossec.net/main/manual/manual-agentless-monitoring/
other ?
My question stay, is ossec dealing with all the log ? How does a know
that certain logs don't pass through ?
How does I
scale my server ?3 GB RAM (for 150 is ok I think)
Dimitri.-
http://deoxyt2.livejournal.com
OpenBSD - Free, Functional & Secure
----- Mensaje original ----
De: dav_cict <dle...@cict.fr>
Para: ossec-list <ossec...@googlegroups.com>
Enviado: lun,23 noviembre, 2009 10:32
Asunto: [ossec-list] scale ossec server
Hello,
We're are testing OSSEC in my University and the product seems clearly
interesting.
.........