OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). Has a powerful correlation and analysis engine, integrating log analysis, file integrity monitoring, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.
Has supported package repositories for multiple distros: https://www.ossec.net/download-ossec/