lynis
Added wazuh-agent as a remote syslog capability
As mentioned in https://github.com/CISOfy/lynis/issues/1316, Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to read, filter, process and enrich logs including syslog by default. The SIEM capability is based on the central log collection. Therefore, it seems feasible to add wazuh-agent to the accepted logging products. Current capabilities satisfy test LOGG-2154.
https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/
https://documentation.wazuh.com/current/pci-dss/log-analysis.html
May I request a review on this PR?