| Process | Description |
|---|---|
| ospatrol-analysisd | Master program. Analyzes data from the logs, syscheck, rootcheck, etc. Runs as an unprivileged user (ospatrol) under chroot. |
| ospatrol-execd | Executes active responses by calling the configured scripts. Runs as root. |
| ospatrol-maild | Sends e-mail alerts. Runs as an unprivileged user (ospatrolm) under chroot. |
| ospatrol-remoted | Server-side socket for server/client communications. Runs as an unprivileged user (ospatrolr) under chroot. |
| ospatrol-agentd | Agent-side socket for server/client communications. Runs as an unprivileged user (ospatrol) under chroot. |
| ospatrol-logcollector | Monitors log files and Windows event logs (does not use tail). |
| ospatrol-syscheckd | Does integrity checking and rootkit detection (rootcheck is a module of it). |
| ospatrol-csyslogd | Client syslog tool to forward OSPatrol alerts to remote syslog servers (including SIM/SEMs and log management systems). |
| ospatrol-monitord | Monitors agent connectivity and compresses daily log files. |