util.sh

The util.sh shell script can add a log file to be monitored by ossec-logcollector. It can also add a full_command to check for changes to a website, or for changes to the nameserver of a domain.

A blogpost from Daniel Cid (for 3WoO) introduced this utility.

addfile <filename> [<format>]

Add a log file to be monitored by ossec-logtest <ossec-logtest>

A local file will be added to the ossec.conf <reference_ossec_conf>

addsite <domain>

Monitor a website for changes.

A full_command will be added to the ossec.conf <reference_ossec_conf> using lynx to dump the initial page.

A rule can be written to monitor this output for changes.

Requires lynx

adddns <domain>

Monitor the nameserver of a domain for changes.

A full_command will be added to the ossec.conf <reference_ossec_conf> using the host command.

Note

addsite may not be useful on pages with dynamic content.

Note

addns Requires the host command.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

util.sh.rst

util.sh.rst

util.sh

Files

util.sh.rst

Latest commit

History

util.sh.rst

File metadata and controls

util.sh