[ossec-list] Re: CIS Benchmarking

2022-02-04 Thread Yana Zaeva
Hi Charles, You can perform audits using CIS Benchmarks by integrating with CIS-CAT. I will leave here a link with some information about it. Remember that you require a CIS-CAT Pro licence.

[ossec-list] Re: How to configure OSSEC-window & Linux agents

2022-02-04 Thread Yana Zaeva
Hi Pruthvi, You can use Ansible for this. Ansible is an open-source platform designed for automating tasks. It comes with Playbooks, a descriptive language based on YAML, that make it easy to create and describe automation jobs. Also, Ansible communicates with every host over SSH, making it ver

[ossec-list] Re: Ossec Active Response support windows machine nr linux machine??

2022-02-04 Thread Yana Zaeva
Hi, Sure, it supports both Windows and Linux machines. You can check here the default script for each OS. Also, for further information, I will leave here a lin

[ossec-list] Re: Order of Ossec rule matching engine

2022-02-04 Thread Yana Zaeva
Hi Gopal, Once an alert is triggered, *analysisd* tries to match every existing rule. Once one rule matches (the level of this first rule matching is not relevant), *analysisd* starts looking for this first rule's children. If two or more children match, the rule with the higher level will be se