Skip to content Skip to site navigation Skip to service navigation

File Integrity Monitoring (OSSEC)

Detect intrusions and monitor log changes

In September 2022, rates will change for several of the technology services provided by University IT. To view the majority of our planned rate changes for services that are broadly available to our community, please visit this page. For more information, please visit the rates section of our website.

OSSEC is an open-source file integrity monitoring application that records changes to a server's file system to help detect and investigate an intrusion or change. It logs changes to monitored files on the system, and those logs should then be forwarded to centralized logging. This change information can be extremely useful for investigating security incidents.  Additionally, OSSEC generates other security logs of system activity, which provide valuable insight to system administrators.

Designed for

Stanford administrative and academic departments


  • A Linux server (compiler needed to build from source)
  • Also supported on other Unix variants

Data security

May be used with Low, Moderate, and High Risk Data, as defined by the Information Security Office


Free of charge

Get started

Linux Servers

Windows Servers

Get help

For assistance, submit a Help request

Learn more

OSSEC community documentation

See also

Last modified June 20, 2022