OSSEC v2.5 released

We are very happy to announce the availability of OSSEC version 2.5.

This has been a long release cycle (5 months), but it comes out pretty stable and with many new features. We also had many contributors, showing how much our community is growing and getting stronger. In addition, our documentation and manual have been moved to http://www.ossec.net/doc/.

What is new?

  1. Added support for “report_changes” on syscheck to show what was changed in the file modification alert.
  2. Added support for cdb lists inside the rules.
  3. Added support for drop-in rules and decoders directory.
  4. Added a rule unit testing framework (in Python) and inside logtest.
  5. Added support for a generic multi-line log reader.
  6. Added granular Windows rules.
  7. Added option to restrict integrity checking to a set of files.
  8. Added alias option to the command monitoring.
  9. Added silent switch for Windows installer.
  10. Added variable expansion in command output monitoring.
  11. Fixed several Windows installer bugs.


And a lot more. Check the full change log here.

Download the new version from http://www.ossec.net/main/downloads

*Special thanks to Jeremy Rossi, Dan Parriott, Scott R. Shinn and Michael Starks for the many contributions, patches and tests.





Posted in ossec, releases by Daniel Cid (dcid)