I guess I didn’t keep my promise to push my OSSEC changes into the open source world as often as I would have wanted.
The last one was 6 months ago, but at least I made up for it with some nice new features:
This release includes:

Changes with 2015-12
- Feature: Added integratord
- Feature: Added slack and pagerduty support to integratord
- Feature: New signature for the Joomla RCE
- Bug fix: WordPress decoder to work with the latest plugin.

Changes with 2015-11
- Feature: Added GeoIP support by default
- Bug fix: Cleaned up noisy rules
- Bug fix: Segfault on reported when srcip filter was being used.

The big news is ossec-integratord and having GeoIP support by default on OSSEC.
You can download this release from: http://dcid.me/ossec
Full changelog: http://dcid.me/ossec-packages/CHANGELOG.txt
Hopefully we will get that merged into the official GitHub fork (if time permits).