I guess I didn’t keep my promise to push my OSSEC changes into the open source world as often as I would wanted.
Last one was 6 months ago, but at least I made up with some nice new features:
This release, includes:
Changes with 2015-12
-Feature: Added integratord
-Feature: Added slack and pagerduty support to integratord
-Feature: New signature for the Joomla RCE
-Bug fix: WordPress decoder to work with the latest plugin.
Changes with 2015-11
-Feature: Added GeoIP support by default
-Bug fix: Cleaned up noisy rules
-Bug fix: Segfault on reported when srcip filter was being used.
The big news is ossec-integratord and having GeoIP support by default on OSSEC.
You can download this release from:
https://dcid.me/ossec
Full changelog:
http://dcid.me/ossec-packages/CHANGELOG.txt