Sort of. One of the things I did with OSSEC and mySQL - as i had critical tables that I wanted to know when they were being accessed, was to create a mySQL trigger that would write a logfile entry anytime the table was access with all the information needed. OSSEC of course picked this up and alerted me.
Take a loog here - http://www.mysqltutorial.org/create-the-first-trigger-in-mysql.aspxhttp://www.mysqltutorial.org/create-the-first-trigger-in-mysql.aspx And they have a good example showing an . "Employees" table that they want to keep track of. It is not that hard, and performance hit is negligible. Obviously if you tried to do a trigger on each insert for the entire database, that would kill it, but . you can do a lot of creative things with OSSEC. Cheers Kat On Sunday, January 8, 2017 at 7:19:34 AM UTC-6, Mike Hammett wrote: > > My current centralized logging environment stores syslog in MySQL. Can > OSSEC watch a SQL database instead of a file? > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
