I've spent a couple of days thinking about the purpose of this blog. I haven't come to any firm conclusions, except for the goal of improving my own writing. I used to write. I used to write a lot. It's a passion I kind of lost over the years. Ihad never considered myself to be a good writer, but I enjoyed it. I'm not entirely sure why I stopped, and sometimes think about getting back into it.
So, I'm going to use this blog as a place to practice writing. I'll be posting technical content on a (hopefully) regular basis. There is a good chance most of my posts will be about OSSEC. It's currently one of my favorite Free/Open Source Software applications, and one I use daily.
You can generally find me on the OSSEC user list, as well as IRC (#ossec on freenode) when I'm able. I try to contribute decoders and rules, and frequently copy syslog messages from mailing lists when I find something interesting. I've also tried to help with the documentation, but I haven't done enough.
When I finally figure out how to organize it, I'm planning on releasing my rulesets (as well as the OSSEC rulesets) outside of the OSSEC source. I'm thinking of this being similar to how snort's rules are separated from the source code.
I currently have a post prepared for the Week of OSSEC, and one that needs to be written. I also have a number of little OSSEC tidbits hidden away in a text file waiting to be released. I'm hoping to convert some into (possibly short) blog posts.
Hopefully my rambling was readable and made sense.
*I didn't like my original introduction, so this should hopefully replace it*