Madhuka

Microservices, Java, DevOps, WSO2, Enterprise Solution, Enterprise Integration, SOA, EDA, Restful, C#, C++ tutorial, Ruby on rails, API Manager, jaggery, javascript, Madhuka

Cleaning OSSIM Alarms

Working on an Alienvault IDS system or OSSIM you can come across over huge amount of alarms are created will system migrations.

use the ossim-db command:
> ossim-db

use the alienvault database:
> USE alienvault

Check for Alarm tables

>SHOW TABLES LIKE 'alarm%';

Get table description

>DESCRIBE alarm;

Get the number of records in a table 'alarm'.

>SELECT COUNT(*) FROM alarm;

Listing 20 timestamp in alarm table which are created today

>SELECT timestamp FROM alarm WHERE DATE(timestamp) = CURDATE() limit 20;

Let make status for Close for today alarms

>update alarm set status = 'closed' WHERE DATE(timestamp) = CURDATE();

Before -------- -----> Now

Posted 31st October 2016 by Madhuka

Labels: OSSEC OSSIM

Add a comment

I am

Madhuka

Categories

.NET1
ActiveMQ2
Adobe AIR4
AdSense Search1
AJAX4
AlienVault USM1
Amazon Mechanical Turk1
Android7
AngularJS6
Anomaly Detection1
ANT2
Apache21
Apache Directory Studio3
Apache Helix1
Apache Lucene1
Apache Shindig4
Apache Solr1
Apache Zeppelin10
Apache ZooKeeper1
API management3
API Monetization1
Apple4
Architecture5
Axis25
Banking System4
Basic Examples in Ruby Class2
Big Data7
Bill Gates: Reckless Driving1
Bing Maps Silverlight Control7
Blog1
Blu-ray Player1
Bower2
Buidling2
c3
C Programming4
C#4
C# goals context of Design1
c++5
Canopy1
Cassandra2
CentOS2
CEP11
Champs Networking Month1
Charting5
Cluster5
Clustring9
Complex Event Processing4
Computer Languages2
CouchDB4
Data Analysis11
Data integration3
Data Manipulation3
Data Mining13
Data validation2
Database12
DB22
Debug3
Deployment Patterns1
Design Pattern5
Design Patterns5
Dev Studio1
DHIS 21
DOM6
E-Sri Lanka Mail10
Eclipse12
Enterprise integration1
Estimation Theory1
Event Driven Architecture3
Event Processing6
facebook10
Fauxton3
Flask1
Flex6
Flex 42
Fourth finger1
Future Computers2
Gadgets4
Game2
Gartner1
git2
google26
Google Chart3
Grammar Induction1
Grunt1
Hacking1
Hello world in Ruby1
HIDS1
HL72
Horde5
How to setup Ruby in Linux1
HTML 522
IBM2
IE6 until 20141
IIS2
Imagine cup 20104
Industrial Application in Mobile Databases1
Install RoR to Vista1
Integration test3
Internet10
iPhone4
iPhone Web Apps4
IR3
IT50
j2ME3
Jaggery40
Jaggery Implementation1
jaggery unit testing1
Jasmine11
java32
Java Script65
java82
JMS3
jQuery Mobile6
jUnitTest10
Kerberos2
LDAP7
learning2
LibraryThing1
Licenses1
Linux13
Local Storages4
Machine Learning3
Map2
marketting1
Markov Models1
Mathematical Framework3
Mathematics4
MAVEN6
Me11
medical1
Microservices2
Microsoft26
Microsoft student champ community - Sri Lanka9
Microsoft student champ community - Sri Lanka - 02/20091
Mobile Development4
mocha3
Movies4
MPJ1
msf4j1
Mustache2
MVC3
My Brother's Work1
My projects2
MySQL1
netbeans3
Networking10
New Google’s search engine1
New Sinhala Songs1
NLP3
NLTK3
nodeJS5
OOP3
Open Source2
OpenSocial container3
OSGI1
OSSEC13
OSSIM17
Packaging1
Padas2
Pandas1
Patching2
Pattern1
phones27
php1
Postgres1
Predictive modeling1
project1
Prolog1
Proxy13
PuTTY1
Python19
React JS1
reCAPTCHA1
RESTful WS8
Rhino4
Rich Internet Applications1
ROR18
Ruby on Rails17
SAML22
scala1
scikit-learn2
Security16
Silverlight Beginners Tutorials8
Sinhala4
SOA5
SOAP19
SoapUI2
Socket Programing2
software development2
sonar2
SSO2
String processing2
Structured for SRS1
sync2
Talend2
Test19
Test Framework16
tomcat3
Travel Green Ceylon1
Tutorials in Expression Blend 36
Tweeter2
twitter2
Two Threads and one Nail in OOP1
Ubuntu13
USB3
Vehicles Registration Sample1
vjet6
web Applications26
Web Service30
Web Socket2
Web video to Plasma TV1
Weka1
what is "ROR"???1
Wii1
Window Phone Application8
Windows25
Windows 728
Windows 85
Windows Communication Foundation (WCF)2
Windows PowerShell3
Windows Presentation Foundation5
WSO271
WSO2 API Manager7
WSO2 AS4
WSO2 BAM1
WSO2 BPS2
WSO2 Carbon19
WSO2 CEP3
WSO2 Con4
WSO2 Data Services2
WSO2 EI4
WSO2 ELB2
WSO2 ESB28
WSO2 ESB Mediators12
WSO2 GREG4
WSO2 IS14
WSO2 Registry5
WSO2 UES4
WSO2GadgetServer2.03
WSO2MB3
XMLHttpRequest6
XSLT1
Yahoo User Interface1
සිංහල9

Madhuka

Microservices, Java, DevOps, WSO2, Enterprise Solution, Enterprise Integration, SOA, EDA, Restful, C#, C++ tutorial, Ruby on rails, API Manager, jaggery, javascript, Madhuka

Cleaning OSSIM Alarms

Syscheck in OSSEC

Triggering action or email over the event occurrence in OSSIM

Adding More user data field for Event

Connecting to OSSEC rule from OSSIM

Creating New Rule set for OSSEC Server

OSSEC Rule Testing

Sending Brute force attack

DiskPart in window (Fdisk in windows 8)

Uncomplicated Firewall

Grep quotes in Linux

OSSEC Decoder

How access log work with OSSIM

HIDS Agentless in AlienVault USM

Install OSSIM

OSSEC configure to new log file

Testing Log forwarding in OSSEC

Host based firewall in Linux

Adding OSSEC client to OSSEC Server

Creating Correlation Rules and Alarms in AlienVault

Advance Tutorial in OSSIM Directive

Simple OSSIM Directives

Making OSSIM Alarm from Event

Reading a custom log file from OSSIM

OSSIM components

module.exports VS exports

Adding agent for OSSIM from OSSEC

OSSEC service for Centos7

JavaScript references with setTimeout() and setInterval()

CROS in Node

Node.JS with Express Session

dhis2-android-dashboard Build from Source

Cleaning OSSIM Alarms

Add a comment