Yes, true. While I have Ossec monitoring systems in a non-AWS environment and alerting properly, there is some idea that AWS can also provide that functionality. From what I have seen, the move would be to use them together.
I was hoping there was someone here that has some personal experience with it and might offer some insight. ________________________________ From: dan (ddp) <[email protected]> To: [email protected] Sent: Thursday, September 27, 2012 12:50 PM Subject: Re: [ossec-list] OSSEC vs AWS Cloudwatch..or Cloudwatch with OSSEC? On Thu, Sep 27, 2012 at 3:44 PM, tstoneami <[email protected]> wrote: > HI Folks; > > My company is close to deploying a web site on AWS, and has Cloudwatch > enabled. From everything I have seen so far, CW does some basic system > monitoring out of the box, and you can write custom scripts to do more - > although I haven't located the docs for that yet... > > My question: Can anyone recommend a course of action? I have seen AWS > recommend OSSEC for intrusion detection as a best practice, but not for log > analysis. Is there any knowledge out there on this? Has anyone used OSSEC > in combination with Cloudwatch? > > Thanks for any input, > > Troy > I must be missing something, because these features don't seem to be competing with OSSEC in any way: http://aws.amazon.com/cloudwatch/
