[osiris-devel] osiris + NOC

Alexei_Roudnev Alexei_Roudnev at exigengroup.com
Mon Sep 13 13:20:52 EDT 2004 

I did a simple thing:
- I have Unix (FreeBSD) management server and WEb with ops authentication;
- I installed mhonarc and creted folders for alerts, wrnings and changes;
- all osiris reports are duplicated intothis 'change' archive

As a result, I have WEB image of all changes, looking like this (below) , and use it for daily change reviewes. 
(Of course, osiris require good web reporting, but Brian hate this idea, so it was never developed. As a result, let's help yourself).


      back A U D I T alerts warnings reports audits  staging bounced 

--------------------------------------------------------------------------------
      September 13, 04 
      09:10 Re: scan log - [host: EQXpFE03][+0 -0 !=1 total 3 changes] Ian_Hopper  
      02:30 scan log - [host: EQXpFE03][+0 -0 !=1 total 3 changes] Osiris IDS  
      02:05 scan log - [host: secmon1][+0 -0 !=0 total 0 changes] Osiris IDS  
      00:00 *** STG2 virus secmon  
      September 12, 04 
      23:43 scan log - [host: imxwf01][+0 -0 !=2 total 7 changes] Osiris IDS  
      22:15 scan log - [host: clxwf02][+74 -1 !=2 total 82 changes] Osiris IDS  
      21:52 failed to start scheduled scan [host: clxstgwf02] Osiris IDS  
      21:27 failed to start scheduled scan [host: sjcswf04] Osiris IDS  
      15:51 *** STG2 virus secmon  
      02:30 scan log - [host: EQXpFE03][+0 -0 !=1 total 3 changes] Osiris IDS  
      02:05 scan log - [host: secmon1][+0 -0 !=0 total 0 changes] Osiris IDS  
      00:00 *** STG2 virus secmon  
      September 11, 04 
      23:40 failed to start scheduled scan [host: imxwf01] Osiris IDS  
      22:15 scan log - [host: clxwf02][+74 -1 !=2 total 82 changes] Osiris IDS  
      15:51 *** STG2 virus secmon  
      02:30 scan log - [host: EQXpFE03][+0 -0 !=1 total 3 changes] Osiris IDS  
      02:06 scan log - [host: secmon1][+0 -0 !=0 total 0 changes] Osiris IDS  
      01:03 *** STG2 virus secmon  
      00:00 *** STG2 virus secmon  

  ----- Original Message ----- 
  From: phillip at fiu.edu 
  To: osiris-devel at lists.shmoo.com 
  Sent: Monday, September 13, 2004 7:05 AM
  Subject: [osiris-devel] osiris + NOC



  Hello, 

  As we are evaluating Osiris to replace our Tripwire implementation the question of using it in a NOC has come up. Are there any type of GUI interfaces or plugins to Nagios available or in the works? If not are does any one have ideas on ways to review changes on all systems from a central location, other than the email alerts that Osiris sends out? 

  Thanks! 


  Your friendly neighborhood SA,
  phiLLip


------------------------------------------------------------------------------


  _______________________________________________
  osiris-devel mailing list
  osiris-devel at lists.shmoo.com
  https://lists.shmoo.com/mailman/listinfo/osiris-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/osiris-devel/attachments/20040913/62c3f581/attachment.htm

More information about the osiris-devel mailing list