OSSEC - OSSEC
version 0.1
The OSSEC distribution is a collection of Perl modules and scripts that simplify working with OSSEC (https://www.ossec.net/) from Perl.
This is the main module of the OSSEC distribution. It provides OSSEC configuration file parsing to read database credentials from it.
Using methods of the OSSEC module makes sure that the base path to OSSEC is always set in the other modules.
Base path to the OSSEC installation. Default: /var/ossec
Type: String
Whether database credentials were found when parsing the OSSEC configuration file.
Type: Boolean (0/1)
Database server to connect to. Default: localhost
Database user to use to connect to the server. Default: ossec
Database password to use to connect to the server.
Database to use when connecting to the server. Default: ossec
XML::LibXML::Document object of the OSSEC configuration file.
Type: XML::LibXML::Document
Method is called before constructing the object with new. It checks whether an OSSEC configuration file can be found, loads it and checks whether database credentials are available.
Method to simplify obtaining an OSSEC::Log instance for logging active response actions.
No parameters are required.
Method to simplify obtaining an OSSEC::MySQL instance. This method makes sure that all database parameters from the OSSEC configuration file are passed to OSSEC::MySQL without the user having to supply them.
    use strict;
    use warnings;
    use OSSEC;
    use Try::Tiny;
    use Data::Dumper;

    # get an OSSEC instance with the default OSSEC path (/var/ossec)
    my $ossec = OSSEC->new();

    # check if mysql is available
    die("no mysql") unless $ossec->mysqlAvail();

    # get us logging for active response
    my $log = $ossec->arLog();

    # log something
    $log->info("test-active-response", "we are just testing");

    # search for an alert
    my $mysql = $ossec->mysql();
    my $alert;
    try {
        $alert = $mysql->searchAlert("1576795884.47756102");
    } catch {
        die("Error occurred or no alert found: " . $_);
    };

    print Dumper($alert);
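An added example (not code from the OSSEC distribution) showing one way to read database credentials from an OSSEC configuration with XML::LibXML, as the module description above outlines. The `db_credentials` helper, the restriction to `type` "mysql" and the sample configuration are assumptions made for illustration; the defaults are the ones documented above.

```perl
use strict;
use warnings;
use XML::LibXML;

# Constructed sample standing in for /var/ossec/etc/ossec.conf (not a real config).
# Real files may hold several <ossec_config> blocks, which is not well-formed XML.
my $conf = <<'XML';
<ossec_config>
  <global><email_notification>no</email_notification></global>
</ossec_config>
<ossec_config>
  <database_output>
    <hostname>127.0.0.1</hostname>
    <username>ossec</username>
    <password>example-password</password>
    <database>ossec</database>
    <type>mysql</type>
  </database_output>
</ossec_config>
XML

# Hypothetical helper: returns a hashref of credentials, or nothing if none are set.
sub db_credentials {
    my ($xml) = @_;

    # Treat the file as local data: no network, no external DTD, no entity expansion.
    my $parser = XML::LibXML->new(no_network => 1, load_ext_dtd => 0, expand_entities => 0);

    # Wrap in a synthetic root so multiple <ossec_config> blocks parse as one document.
    my $doc = $parser->load_xml(string => "<root>$xml</root>");

    my ($node) = $doc->findnodes('/root/ossec_config/database_output[type="mysql"]');
    return unless $node;

    # Defaults as documented above; the password has no default.
    my %cred = (hostname => 'localhost', username => 'ossec', database => 'ossec');
    for my $key (qw(hostname username password database)) {
        my $value = $node->findvalue($key);
        $cred{$key} = $value if length $value;
    }
    return defined $cred{password} ? \%cred : undef;
}

my $cred = db_credentials($conf) or die "no database credentials in configuration\n";
# Report only that a password was found; never write the value to output or logs.
printf "server=%s user=%s database=%s password=%s\n",
    @{$cred}{qw(hostname username database)}, '<set>';
```

Because the configuration file carries the database password in clear text, it should be readable only by the accounts that need it.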
Dominik Meyer <dmeyer@federationhq.de>
This software is Copyright (c) 2019 by Dominik Meyer.
This is free software, licensed under:
The GNU General Public License, Version 3, June 2007
To install OSSEC, copy and paste the appropriate command into your terminal.
cpanm
    cpanm OSSEC
CPAN shell
    perl -MCPAN -e shell
    install OSSEC