I have used OSSEC for the past three years and believe it is an excellent IDS. The rule set is expansive and flexible. It also encrypts all communication between the agents and the server. Also, check out the WUI. It has got pretty decent search functionality. Not on the order of Splunk, but it gets the job done.
Thanks, Chris Rimondi
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
