The OSSEC team is pleased to announce the general availability of OSSEC version 2.4.
There are lots of new features and bug fixes, but these are the main changes:
- Added daily email summaries/reports.
- Added an option (check_diff) to alert when a log or command output changes.
- Added rules to ignore crawlers causing 404s (MSN, Google, Yahoo, etc.).
- Improved ossec-logtest so it can be used for the forensic analysis of log files.
- Added support for Microsoft Security Essentials logs.
And a few important bug fixes:
- Fixed a memory leak on the Windows agent, which was not properly closing its sockets. It would cause port exhaustion if the manager became unavailable for a long period of time.
- Fixed performance issue when the FTS queue was too large.