This is a stability release, with heavy focus on bugfixes, code cleanup, and a few new features. Trend OSCE (Office scan) support has been added with rules to properly monitor and analyze Trend logs. Wordpress is a popular blogging platform with very little logging by default. This release has a plugin to extend its logging capabilities, and rules on OSSEC to monitor it. There is support for vpopmail, roundcube, Netscreen IDS, and a few more log formats.
This version comes with numerous new features, including support for compiled (C-based) rules, new reporting tools, and agentless monitoring to allow file integrity checking on network devices (including firewalls, routers, etc). It also comes with support for new log formats, including Checkpoint logs, Yum, and a few more.
This version delivers the most comprehensive update to OSSEC in its history, with numerous new features including support for Microsoft Vista (and Server 2008), VMware ESX, active response on Windows, CIS benchmarks on Linux (through the policy auditing), VMWare Security hardening guidelines, McAfee Virus Scan Enterprise logs, VMware ESX hostd logs, Mac OS FTP server logs, and much more.
This release comes with numerous new features, including new LIDS (log-based IDS) support for Solaris BSM, Asterisk, Checkpoint, Postfix SASL, Smart Defense, Debian package, and Shorewall logs. It also comes with support for localized Pure-FTPd log messages (in more than 12 different languages) and DJB multilog. Installation was translated to Greek, and the agent_control tool was added to better manage the agents directly from the server.
This release comes with many bugfixes and major new features, including support for reading database logs (PostgreSQL and MySQL), support for Prelude output, and support for storing the alerts in external databases. In addition, rules for Sonicwall, HP-UX ftpd, AIX 5.3, and Postfix were added.