Splunk Enterprise Security

OSSEC App and the Common Information Model

j666gak
Communicator

I am a fan on the OSSEC app, however to make proper use of it in my eyes it needs to be integrated with the Common Information Model.

Has anybody already integrated the OSSEC appp with Common Information Model i.e. field extractions and tags etc.

Thanks

0 Karma
1 Solution

jcoates_splunk
Splunk Employee
Splunk Employee

There's a TA for it in Enterprise Security -- getting that onto Apps is on the to-do list. Note that this is a long list and timing is TBD.

View solution in original post

0 Karma

jcoates_splunk
Splunk Employee
Splunk Employee

There's a TA for it in Enterprise Security -- getting that onto Apps is on the to-do list. Note that this is a long list and timing is TBD.

View solution in original post

0 Karma
.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!