OSSEC 2.4 released

The OSSEC team is pleased to announce the general availability of OSSEC version 2.4.

There are lots of new features and bug fixes, but these are the main changes:

  • Added daily email summaries/reports.
  • Added option to alert when a log or command output changes – check_diff.
  • Added rules to ignore crawlers causing 404s (MSN, Google, Yahoo, etc).
  • Improved ossec-logtest to be used for the forensic analysis of log files
  • Added support for Microsoft Security Essentials logs.

And a few important bug fixes:

  • Fixed a memory leak on the Windows agent that was not properly closing the sockets. It would cause a port exhaustion if the manager becomes unavailable for a long period of time.
  • Fixed performance issue when the FTS queue was too large.

Don't miss