Splunk Add-on for OSSEC

Splunk Community

The Splunk Add-on for OSSEC allows a Splunk® software administrator to collect alert events from OSSEC servers over syslog. The add-on collects the following alert data from OSSEC:

* File Integrity Management (FIM) data
* FTP data
* su data
* ssh data
* Windows data, including audit and logon information

At this time, the add-on does not support data collection for OSSEC daemon logs, agent logs, or logs from the active response module.