We are pleased to announce the availability of OSSEC version 1.2. This new version comes with lots of new features, including:
- Support for OpenBSD PF logs.
- Support for compiled (c-based) decoders.
- New options for composite rules: “srcport”, “dstport”, “same_src_port”, “same_dst_port” and
“same_location”. - Additional granular e-mail options. We added “sms” format output and many other options.
- Support for Zeus WebServer logs.
- Support for daily/chained checksum of alert logs.
We also completed a large re-design of the internal architecture of analysisd (ossec process responsible for decoding and analysis), greatly improving performance and organization.
A list with all the new functionality and bug fixes is available at the Changelog.
Download the new version: http://www.ossec.net/en/downloads.html