Steph_M asked:

File Integrity Monitoring for Linux CentOS - what are you monitoring for regulatory obligations?

PCI "10.5.5 Verify the use of file integrity monitoring or change detection software for logs by examining system settings and monitored files and results from monitoring activities" and "11.5 verify the use of file-integrity monitoring products within the cardholder data environment by observing system settings and monitored files, as well as reviewing results from monitoring activities. Examples of files that should be monitored: System executables, Application executables, configuration and parameter files, centrally stored, historical or archived, log and audit files."

These requirements are causing us some grief because everyone has a different opinion as to what should be monitored and how.

The files are on Linux with CentOS.

Can you please tell me how you are satisfying this requirement? Are you using any special software, custom scripts, etc.? Which directories and/or files are you monitoring?

Any recommendations or suggestions you can offer would be greatly appreciated.

Thanks again Experts!

Steph M
Rich Rumble

OSSEC is what we use, for win32 and *nix. It has most of the default file locations and logs covered, but you would have to tailor the config to suit specific or non-standard install locations. Tripwire and others are available; even Splunk can do FIM and, naturally, log monitoring, but they cost more than OSSEC, which is free. However, there are paid versions of the OSSEC product available from TrendMicro.
-rich
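
The tailoring described in the answer above can be checked mechanically. This is an added example, not part of the original thread or of the OSSEC project: it parses a constructed `syscheck` section and reports which file categories from the quoted PCI 11.5 text have paths that are unmonitored or ignored. The category-to-path mapping and the `/opt/payapp` and `/var/log/archive` locations are assumptions to replace with your own.

```python
import xml.etree.ElementTree as ET
from pathlib import PurePosixPath

# Constructed sample in the style of an OSSEC ossec.conf syscheck section.
SAMPLE_CONF = """
<ossec_config>
  <syscheck>
    <directories check_all="yes">/etc,/usr/bin,/usr/sbin,/bin,/sbin</directories>
    <directories check_all="yes">/opt/payapp/bin</directories>
    <ignore>/etc/mtab</ignore>
  </syscheck>
</ossec_config>
"""

# Assumption: one possible mapping of the PCI 11.5 example categories to
# CentOS paths. /opt/payapp and /var/log/archive are hypothetical locations.
REQUIRED = {
    "system executables": ["/bin", "/sbin", "/usr/bin", "/usr/sbin"],
    "application executables": ["/opt/payapp/bin"],
    "configuration and parameter files": ["/etc", "/opt/payapp/conf"],
    "archived log and audit files": ["/var/log/archive"],
}

def conf_paths(conf_xml, tag):
    # Dummy root lets a file with several top-level blocks parse as one tree.
    root = ET.fromstring("<root>" + conf_xml + "</root>")
    out = []
    for syscheck in root.iter("syscheck"):
        for node in syscheck.iter(tag):
            if not node.get("type"):  # skip pattern entries such as regex ignores
                out += [PurePosixPath(p.strip())
                        for p in (node.text or "").split(",") if p.strip()]
    return out

def at_or_under(path, dirs):
    # True when path equals one of dirs or lies beneath one of them.
    return any(path == d or d in path.parents for d in dirs)

def coverage_gaps(conf_xml, required=REQUIRED):
    """Map each category to required paths that are unmonitored or ignored."""
    watched = conf_paths(conf_xml, "directories")
    ignored = conf_paths(conf_xml, "ignore")
    gaps = {}
    for category, paths in required.items():
        missing = [p for p in paths
                   if not at_or_under(PurePosixPath(p), watched)
                   or at_or_under(PurePosixPath(p), ignored)]
        if missing:
            gaps[category] = missing
    return gaps
```

Calling `coverage_gaps(SAMPLE_CONF)` on the sample flags the application's configuration directory and the archived-log directory, the kind of non-standard location the default configuration does not cover.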
Since we are in the financial domain, we are more concerned about that, and we are using eTrust in our environment. But it is paid.
ASKER CERTIFIED SOLUTION
dead_philosopher

This solution is only available to members.
Steph_M (ASKER)

OSSEC was chosen.

Thank you.