On Thu, Sep 27, 2012 at 3:55 PM, T STONE <[email protected]> wrote: > Yes, true. While I have Ossec monitoring systems in a non-AWS environment > and alerting properly, there is some idea that AWS can also provide that > functionality. From what I have seen, the move would be to use them > together. > > I was hoping there was someone here that has some personal experience with > it and might offer some insight. >
It'd be great if you explained what part of cloudwatch you think is comparable to OSSEC. I haven't seen anything that provides any of the OSSEC functionality so far... > ________________________________ > From: dan (ddp) <[email protected]> > To: [email protected] > Sent: Thursday, September 27, 2012 12:50 PM > Subject: Re: [ossec-list] OSSEC vs AWS Cloudwatch..or Cloudwatch with OSSEC? > > On Thu, Sep 27, 2012 at 3:44 PM, tstoneami <[email protected]> wrote: >> HI Folks; >> >> My company is close to deploying a web site on AWS, and has Cloudwatch >> enabled. From everything I have seen so far, CW does some basic system >> monitoring out of the box, and you can write custom scripts to do more - >> although I haven't located the docs for that yet... >> >> My question: Can anyone recommend a course of action? I have seen AWS >> recommend OSSEC for intrusion detection as a best practice, but not for >> log >> analysis. Is there any knowledge out there on this? Has anyone used OSSEC >> in combination with Cloudwatch? >> >> Thanks for any input, >> >> Troy >> > > I must be missing something, because these features don't seem to be > competing with OSSEC in any way: http://aws.amazon.com/cloudwatch/ > >
