AlienVault OSSIM v4.2 Released! Download here
How to generate an alert when an asset is discovered
How do I generate an alert when a new asset is discovered? I have nmap running every hour and it does insert assets into the asset list, but I would like to generate an alarm or report of all the new assets discovered - implementing "Metric 1" of "Critical Control 1: Inventory of Authorized and Unauthorized Devices" (CSIS: 20 Critical Security Controls Version 4.0 - http://www.sans.org/critical-security-controls/
"Control 1 Metric:
The system must be capable of identifying any new unauthorized devices that are connected to the network within 24 hours, and of alerting or sending e-mail notification to a list of enterprise administrative personnel."
1 • •