I'm using OSSEC server to monitor machines with OSSEC agents, which monitor this login via SSH, file creation, etc.
I have configured OSSEC to send an email when it detects a problem, but this control mode is very bad for data control and search.
How can I analyze the logs like a dashboard, all log occurrences? Analyze by type of threat, date of occurrence, etc.
