Friday, January 29, 2016


If you are looking for a centralized IDS logging solution with real-time Elasticsearch querying, security event classification and trending, I'd highly recommend Wazuh, which is built on the Elasticsearch, Logstash and Kibana (ELK) stack and its own fork of OSSEC. Customizable, importable visualizations and load-balanced scalability make this open-source project robust and valuable.

When following the implementation guide, make sure to use the OSSEC 2.9 fork (Wazuh's own fork of OSSEC).