Introduction

Osiris is one of the most widely deployed open source host integrity monitoring systems available today. In Chapter 5, we explored how Osiris works; this chapter covers all of the steps involved in deploying Osiris, including building from source, deployment, configuration, and administration.

It is always good practice to test software in a dedicated testing environment before incorporating it into your production system. This is useful for a few reasons. First, it allows you to gain familiarity with the software before you deploy it (mistakes can be made without much consequence). Second, it allows you to determine what functionality you need for your software agents (modules). It also allows you to fine-tune configurations so that you can begin production with fewer false positives. Finally, it is recommended that you maintain at least one test system to be used just for experimenting, testing policy changes, and simulating upgrades.

This chapter marks the start of the practical section of this book. It contains more information and detail about deploying Osiris than any other source. As of this writing, Osiris is at version 4.1.8. The goal here is to provide detailed, applicable information on how to deploy Osiris. Although the attempt is made to stick to the core elements, keep in mind that Osiris is under active development, so not all of the screenshots or output will exactly match future versions.