* Artien Bel <artien....@topicus.nl> [2014-06-18 15:33:09 +0200]:
I'm sure there's no technical inability to do this with OSSEC, but I
feel the effort to create this could be put to better use working on
features/bugfixes that have to do with it's primary task; which is being
a HIDS. But if someone submits a pull request to allow reliable log
transfer and there is an option to disable it so that you're not forced
to use it, I would have no objection obviously.
This is for me :) I am thinking about doing something with Logging for
ossec. I hate logall it is not complete and not a workable long term
solution *I MY MIND*. Making OSSEC a central logging system is
something *I* might do as it is lining up with something else I am
working on for OSSEC. In a very roundabout way I am using the mailing
list to see if spending any of my time on this is worth it.
If someone does a pull request ands the feature and it makes sense I
would love that even better ;)
Perhaps my requirements are just vastly different from other people's.
Infrastructure setup,content routing depending on source or content,
legal requirements, etc. might be quite different from what most people
would want to use this for.
No, my use for OSSEC falls into line with yours, but #ossec and the
mailing list chatter about "logall" is so common I am thinking what
others expect.
--
---
You received this message because you are subscribed to the Google Groups "ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
