Thursday, May 21, 2015

New securityonion-sguil-agent-ossec package resolves three issues

Brian Kellogg sent some patches for our ossec_agent for Sguil and I've updated the package.  The new package has been tested by David Zawdie and Brian Kellogg (thanks!).

The new package version is:
securityonion-sguil-agent-ossec - 20120726-0ubuntu0securityonion15

Issues Resolved

Issue 705: ossec_agent: improvements from Brian Kellogg

Issue 716: ossec_agent: tighten regex to only look for -> anchored to hostname or IP

Issue 717: ossec_agent: send alerts to sguild immediately instead of waiting for next alert

The new package is now available in our stable repo.  Please see the following page for full update instructions:

If you have any questions or problems, please use our security-onion mailing list:

Need training?  We have 3-hour online classes this week:

Commercial Support
Need commercial support?  Please see:

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:

