nxlog on CentOS 6.5: A Review

I want to implement a modern logging architecture using JSON structured data and elasticsearch. Ye Olde Syslog is not good enough. The version of rsyslog that comes as default on CentOS is old and lacks the functionality I need. My…

A Few Notes on Logstash

Logstash is a popular logging component so I have been experimenting with it. Its primary role in a logging architecture is message translator. It works like this: it receives a log message from an input source, translates the message from…

Initial Thoughts on OSSEC

OSSEC is a type of security application called a “host based intrusion detection system” (HIDS). It provides the following features: file integrity checking like aide and TripWire; rootkit detection; log analysis and alerting; limited remediation. It uses a client/server architecture…

Clamav and Centos 6: Part 1

I’m going to explain how to install the open source anti-virus software clamav on CentOS 6 systems. It will take two parts. In the first I will try to describe its subsystems, in the second I will provide an Ansible…

CentOS Security Guides

Security Meets CM: As part of building my CentOS role in Ansible I have been looking for best practice guides. When I found the security guides I hit the jackpot. These guides provide detailed instructions on how to configure CentOS. In the…