We are consulting for a firm that is a Top level Merchant provider. This year their PCI Compliance is more strict then in the past. They have reached out to us to help with a couple dozen items including OSSEC.
The exact requirement paraphrased and as posted here:
"Provide OSSEC Configuration for <Server Name>, DC, DC2, and <App Server>. OSSEC must perform at least weekly comparison. Provide 3 Samples of alerts sent to <IT Administrator Name> from OSSEC"
I believe this should be a straightforward issue. Can anybody advise on recommended course of action?