Solved: How to install the Reporting and Management for OS...

sni9er · ‎02-25-2015

Hi

Is there any tutorial on how to install the the Reporting and Management for OSSEC app?

thanks

markthompson · ‎02-25-2015

Installation

To install, extract the .tgz archive in $SPLUNK_HOME/etc/apps

You may need to enable the appropriate inputs, either via inputs.conf, or through the Manager in the Splunk GUI.

The application maintains a list of all known OSSEC servers in a lookup table. When you first install, this list will be empty except for a wildcard ntry. You can wait until it is populated automatically, or run OSSEC - Rebuild OSSEC Server Lookup Table from the Searches & Reports -> Utility menu.

View solution in original post

markthompson · ‎02-25-2015

Installation

To install, extract the .tgz archive in $SPLUNK_HOME/etc/apps

You may need to enable the appropriate inputs, either via inputs.conf, or through the Manager in the Splunk GUI.

The application maintains a list of all known OSSEC servers in a lookup table. When you first install, this list will be empty except for a wildcard ntry. You can wait until it is populated automatically, or run OSSEC - Rebuild OSSEC Server Lookup Table from the Searches & Reports -> Utility menu.

sni9er · ‎02-25-2015

so i only need to extract the .tgz archive in splunk machine ?

markthompson · ‎02-25-2015

That answer is extracted from the documentation, so Yes, extract it into the apps folder

sni9er · ‎02-25-2015

Ok thanks 🙂

How to install the Reporting and Management for OSSEC app?

.conf24 | Day 0

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector