OSSEC Help: Training Videos, How-To Docs, Access to OSSEC Support Channel
Welcome to the OSSEC support and community page. Here, you will find the OSSEC help you need to get more out of your OSSEC host-based intrusion detection system (HIDS), whether it’s addressing cybersecurity KPIs, regulatory compliance, or risk mitigation. We have structured the OSSEC community support page to offer: 1) a Q&A structure providing OSSEC help for frequently asked questions, 2) OSSEC conference training videos and how-to documentation, 3) a little about Atomicorp and its advanced OSSEC-based software, services, and professional support, 4) video tutorials for using Atomic OSSEC, including agent installation and configuration on Linux and Windows, and file integrity monitoring (FIM) for compliance and real-time detection, and 5) access to our Atomic OSSEC community and forums on Slack.
OSSEC Q&A: Getting OSSEC Support
- Where can I install an OSSEC hub and agent? Options range from a free OSSEC rule set to an enterprise solution equipped with a wide set of multiplatform detection and response controls and a GUI for analysis and easier reporting. Visit the OSSEC.net homepage.
- Are there helpful instructions for installing and managing OSSEC? Yes, try our OSSEC Conference video recordings and the OSSEC documentation page.
- Is there a free version of OSSEC and what are its limitations? Yes, visit this website’s homepage.
- If I am a free user, can I get fast and relevant OSSEC support? We offer instructional OSSEC materials and access to additional content and the OSSEC community on our Slack support channel. To seek professional-level OSSEC support and get daily system enhancements, schedule a demo, or Contact Us.
OSSEC Training Videos and How-to Documentation
OSSEC support documents and videos cover OSSEC agent and hub installation and configuration, OSSEC Windows and OSSEC Linux installation, log monitoring analysis, FIM configuration for compliance, how you can integrate a dashboard GUI for analysis and reporting, and more.
Visit the OSSEC documentation page for the answers to additional FAQs.
Check out the OSSEC conference video library.
The Atomic OSSEC Edge
OSSEC is a popular intrusion detection and compliance foundation, but its scope and agility are limited when considering the full threat and vulnerability landscape. Atomicorp offers free OSSEC HIDS packages, but enterprise users who require frequent functionality updates and support are advised to take advantage of our premium Atomicorp OSSEC XDR offering, Atomic OSSEC.
Available for as low as $55 per agent per year, our premium Atomicorp OSSEC package, Atomic OSSEC, adds:
- More rules and frequent updates. Get 5X the number of rules as other OSSEC packages, daily software updates, and expert configuration support.
- Central AV management. Atomicorp optimizes AV management, taking the best of ClamAV and VirusTotal and making AV and antimalware easier to orchestrate and more efficient through the Atomicorp hub (92 percent reduction in memory usage on Linux and AIX).
- Vulnerability scanning. You won’t need add-ons to detect CVEs and fix vulnerabilities and common weaknesses. Atomic OSSEC integrates crowdsourced global threat intelligence and MITRE CVE benchmarking and detection to find and resolve bugs, backdoors, and flaws in the software files and systems you scan.
- Better file integrity monitoring (FIM). Monitor more than just files, keeping your databases, servers, and cloud environments free of integrity issues. Automatic log management discovers discrepancies and mitigates false alarms, which free OSSEC can generate. Atomic OSSEC FIM can be run in real-time and continuously to catch traces of intrusion that timer-based FIM can miss.
- Extended legacy and EOL OS support. We continue to protect legacy systems where an upgrade is not possible, with crucial endpoint and cloud workload protection reinforcement across AIX, Solaris, and Linux and Windows legacy and EOL OSs.
- Active response. From real-time log analysis, our primary engine creates alerts and response actions for high-confidence malicious events, while data from low-confidence events that are new to the engine are fed into a machine-learning, unsupervised clustering model that looks for new patterns and helps to determine if a pattern should be included in response actions. This approach provides a multi-faceted capability to address unknown conditions quickly and effectively by categorizing and summarizing large data sets, reducing false positives and false negatives, and identifying previously unknown attack signatures.
- Compliance. Atomic OSSEC provides a compliance hardening system and compliance auditor. The agents scan the system at startup and on a specified schedule against a variety of compliance requirements including PCI DSS, HIPAA, GDPR, and NIST 800-53 and 800-171. The agents identify where there are differences, and with the Atomic OSSEC security hub’s instructions, the OSSEC agents can make the adjustments to meet the compliance controls.
- A built-in dashboard GUI. Extend the scope of your SIEM beyond the command line interface (CLI) into dashboards and a graphical user interface for reporting and visualization, so security analysts and compliance stakeholders can benefit as well.
- Professional support. Dedicated expertise to help you get the most out of your advanced OSSEC HIDS implementation, enabling the system to do more for you.
- Multiplatform support. Atomic OSSEC provides endpoint protection across Red Hat Enterprise Linux (RHEL), Ubuntu, Debian, Windows, macOS, CentOS, Solaris, HP-UX, and additional OS platforms. (See Table 1.)
- And a lot more.
Table 1: Atomic OSSEC Supported Platforms
Supported Platforms:
OS | OSSEC+ | Atomic OSSEC |
---|---|---|
Centos/RHEL 7 | ✓ – x86_64 | ✓ – x86_64 |
Centos/RHEL/Rocky Linux 8 | ✓ – x86_64 | ✓ – x86_64 |
RHEL/Rocky Linux 9 | X | ✓ – x86_64 |
OS | OSSEC+ | Atomic OSSEC |
---|---|---|
Amazon Linux 2 | X | ✓ – x86_64, aarch64/ARM64 |
Amazon Linux 2023 | X | ✓ – x86_64, aarch64/ARM64 |
RHEL/Centos 5/6 | X | ✓ – x86_64, i686 |
RHEL/Centos 7 | ✓ – x86_64 | ✓ – x86_64, i686 |
RHEL/Centos/Rocky 8 | ✓ – x86_64 | ✓ – x86_64, aarch64/ARM64, PPC, S390 |
RHEL/Rocky 9 | X | ✓ – x86_64, aarch64/ARM64, PPC, S390 |
Windows to Current (all platforms) | ✓ – 32 and 64bit | ✓ – 32 and 64bit |
Debian 11 and 12 | X | ✓ – x86_64, aarch64/ARM64 |
Redhawk Linux 6/7/8 | X | ✓ – x86_64 |
Oraclelinux 7/8/9 | X | ✓ – x86_64, aarch64/ARM64, PPC, S390 |
Ubuntu 18/20 | ✓ – x86_64 | ✓ – x86_64, aarch64/ARM64 |
Ubuntu 22, 24 | X | ✓ – x86_64, aarch64/ARM64 |
OSX | X | ✓ – Supported |
MacOS | X | ✓ – Intel/M Series |
AIX 7.1-7.3 | X | ✓ – POWER Series |
Solaris 10/11 | X | ✓ – x86 and SPARC |
Visit the Atomic OSSEC page.
Atomic OSSEC Training and Professional Services
We offer OSSEC training and services as well. Visit the Training and Services page if interested in commercial OSSEC services ranging from technical account management, training and consultation engagements, to certification courses.
Atomic OSSEC Training Videos and Tutorials
Atomic OSSEC training videos and tutorials range from step-by-step Atomic OSSEC Windows and Linux installation demonstrations, to optimizing AV management, to turning up FIM for real-time malware detection.
Agent Installation (Linux). This video shows you how to install OSSEC agents on Linux operating systems (OSs).
Additional Atomic OSSEC instructional training videos include:
- Installing and configuring FIM. Configure FIM for compliance as well as for advanced and real-time malware detection.
- Troubleshooting Linux or Windows installations. Atomic OSSEC system troubleshooting and support contact information.
- Securing legacy systems that are end of life (EOL) and no longer supported by a software vendor. Atomic OSSEC provides security and support for legacy and EOL versions such as RHEL 5, 6, and 7, CentOS 5, 6, 7, Windows 7, Windows XP, Windows 2003, legacy and EOL Solaris, Ubuntu 16, 18, and 20, HP-UX 10 and 11i, AIX legacy versions and EOL AIX 7.1, and more. Request a demo.
- Scheduling Atomic OSSEC malware scans.
- Troubleshooting network settings.
Visit the Atomic OSSEC training video page, or contact us.
OSSEC Support and Forums on Slack
Join our Slack channel for Atomic OSSEC updates, learning materials, and OSSEC community Q&A and discussions.
About Atomicorp and Atomic OSSEC
Atomicorp has supported OSSEC since OSSEC’s inception, and it has evolved OSSEC HIDS into an extended detection, response and compliance solution. Atomic OSSEC provides five times the number of security rules of free OSSEC, including central AV management features. The Atomic OSSEC engine integrates additional global threat and vulnerability data for enhanced security system preparedness and intrusion prevention. With Atomic OSSEC’s graphical user interface (GUI), IT security users can abstract cross-platform data for use in SIEM and GUI search and visualization as well as for analysis, reporting, and compliance. The Atomic OSSEC XDR engine and GUI/management dashboard together enable severity lists, security and compliance categories, user groups, charts, heat maps, all while maintaining a light software footprint.
The Atomic OSSEC extended detection and response solution is available for as low as $55 per agent per year. Volume pricing discounts are available. Atomic OSSEC comes with professional support for Atomic OSSEC customers and the software is updated daily.