Recommendations on Linux SIEM tools?

Deleted member 977321

Guest
I've seen two threads here discuss OSSEC, Splunk, and LogWatch. However, both are well over 5 years old. What works best with dedicated cPanel server environments? Which is best for learning more about cybersecurity and incident response in general?
 

SamuelM

Technical Analyst Team Lead
Hello @Jay3570

None of these software solutions would integrate with existing features of cPanel and WHM. So I will let other community members weigh in on the subject. Can you provide any specific details about what you are trying to accomplish, or which security concerns are most important to you?
 
Deleted member 977321

Guest
Can you specify why they wouldn't work with cPanel/WHM? I've had no issues installing it or pulling server logs. I'm looking to learn more about ways to organize and visualize server log data, not simply website analytics.
 
cPRex

Jurassic Moderator
Staff member
I think the "why" is more so "we don't do any testing of these on our side so no guarantee it's going to work." It doesn't mean it specifically *won't* work, but that there's no guarantee those functions will work, or could disrupt existing tools on the system.
 
Deleted member 977321

Guest
I figured that's what it meant, but "None of these software solutions would integrate with existing features" seems more negative than simply saying "we can't guarantee."
 
Deleted member 977321

Guest
I see Kibana along with the full ELK Stack (Elasticsearch and Logwatch) could also be included here. Is Linux server monitoring that rarely discussed?