OSSEC is amazing tool and helps you be more secure by notifying you of any potential problems. However when it comes to monitoring web servers some additional configuration is necessary to get it working properly. In this quick write up we will look into making changes to default configuration when OSSEC running on web server.
In this how to we will be installing OSSEC Host based intrusion detection system on CentOS 7. We will be using clinet/server deployment which is recomended way to deploy OSSEC on the network where more then one system will be monitored.