OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). Has a powerful correlation and analysis engine, integrating log analysis, file integrity monitoring, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.
Has supported package repositories for multiple distros: https://www.ossec.net/download-ossec/
Lynis is a security auditing tool for systems based on UNIX like Linux, macOS, BSD, and others. It performs an in-depth security scan and runs on the system itself. The primary goal is to test security defenses and provide tips for further system hardening. It will also scan for general system information, vulnerable software packages, and possible configuration issues. Lynis was commonly used by system administrators and auditors to assess the security defenses of their systems.
Automated security auditing
Compliance testing (e.g. ISO27001, PCI-DSS, HIPAA)
Vulnerability detection
A service that logs into XMPP servers and tests their compliance with various XEPs. Generates a visual map of compliance on a categorical grid. You have to give it a user account on the server so it can log in and run tests. You do /not/ have to add your server to the public roster!
There is also a command line tool in Github.