{"id":218,"date":"2007-10-21T22:29:00","date_gmt":"2007-10-21T22:29:00","guid":{"rendered":"https:\/\/defragged.org\/ossec\/?p=218"},"modified":"2020-07-02T22:30:02","modified_gmt":"2020-07-02T22:30:02","slug":"ossec-sguil","status":"publish","type":"post","link":"https:\/\/defragged.org\/ossec\/2007\/10\/ossec-sguil\/","title":{"rendered":"OSSEC -> Sguil"},"content":{"rendered":"\n<p><a href=\"http:\/\/blog.vorant.com\/\">David Bianco<\/a>&nbsp;released a test version of an agent that can take events from<br>OSSEC and insert them into&nbsp;<a href=\"http:\/\/www.sguil.net\/\">Sguil<\/a>&nbsp;as alerts. This is his full msg to the ossec-list:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p>I\u2019ve put together a test release of an agent that can take events from<br>the OSSEC alert.log and insert them into Sguil as alerts. It\u2019s based<br>on the example agent that comes with sguil 0.7.0 (in CVS). It\u2019s pretty<br>rough code at the moment, but I think I got most of the crash bugs out<br>of it. Still, I wouldn\u2019t run it on production Sguil servers without<br>testing it yourself.<\/p><p>You can fetch the code from:<\/p><p><a href=\"http:\/\/www.vorant.com\/files\/ossec_agent-0.01.tar.gz\">http:\/\/www.vorant.com\/files\/ossec_agent-0.01.tar.gz<\/a><\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>David Bianco&nbsp;released a test version of an agent that can take events from OSSEC and insert them into&nbsp;Sguil&nbsp;as alerts. This is his full msg to the ossec-list: I\u2019ve put together a test release of an agent that can take events from the OSSEC alert.log and insert them into Sguil as alerts. 
It\u2019s based on the example agent that [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[7],"tags":[],"_links":{"self":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/218"}],"collection":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/comments?post=218"}],"version-history":[{"count":1,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/218\/revisions"}],"predecessor-version":[{"id":219,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/218\/revisions\/219"}],"wp:attachment":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/media?parent=218"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/categories?post=218"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/tags?post=218"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}