The OSSEC team announced the general availability of OSSEC version 2.5.
- Added support for “report_changes” on syscheck to show what was changed in the file modification alert.
- Added support for cdb lists inside the rules.
- Added support for drop-in rules and decoders directory.
- Added a Rule unit testing framework (in python) and inside logtest
- Added support for a generic multi-line log reader.
- Added granular Windows rules.
- Added option to restrict integrity checking to a set of files.
- Added alias option to the command monitoring.
- Added silent switch for windows installer.
- Added variable expansion in command output monitoring.
- Fixed several Windows installer bugs.
For more information on OSSEC read our interview with the project founder.