Mense/Server/UBNT/DE225680SBEZ01/ossec.conf aktualisiert

Mense/Server/UBNT/DE225680SBEZ01/ossec.conf

@@ -114,6 +114,9 @@
     <!-- Directories to check  (perform all possible verifications) -->
     <directories>/etc,/usr/bin,/usr/sbin</directories>
     <directories>/bin,/sbin,/boot</directories>
+    <directories check_all="yes">/etc/ssh</directories>
+    <directories check_all="yes">/etc/cups</directories>
+    <directories check_all="yes">/var/spool/cups</directories>
 
     <!-- Files/directories to ignore -->
     <ignore>/etc/mtab</ignore>
@@ -194,11 +197,47 @@
     <location>journald</location>
   </localfile>
 
+  <localfile>
+    <log_format>syslog</log_format>
+    <location>/var/log/auth.log</location>
+  </localfile>
+
   <localfile>
     <log_format>syslog</log_format>
     <location>/var/ossec/logs/active-responses.log</location>
   </localfile>
 
+  <localfile>
+  <log_format>syslog</log_format>
+  <location>/var/log/cups/error_log</location>
+</localfile>
+
+<localfile>
+  <log_format>syslog</log_format>
+  <location>/var/log/clamav/fullscan.log</location>
+</localfile>
+
+<localfile>
+  <log_format>syslog</log_format>
+  <location>/var/log/clamav/quickscan.log</location>
+</localfile>
+
+<localfile>
+  <log_format>syslog</log_format>
+  <location>/var/log/clamav/freshclam.log</location>
+</localfile>
+
+<localfile>
+  <log_format>full_command</log_format>
+  <command>faillog -a</command>
+  <frequency>360</frequency>
+</localfile>
+
+<localfile>
+  <log_format>syslog</log_format>
+  <location>/var/log/cups/access_log</location>
+</localfile>
+
   <localfile>
     <log_format>syslog</log_format>
     <location>/var/log/dpkg.log</location>