...hat the data input UDP 10002 is set to Ossec, however I do not see any information in theSplunk dashboard.
What can I do to troubleshoot?
Thanks,
Scott
As I continue to troubleshootthe different OssecforSplunk I come across very odd behavior. Such as in the "Agent Status Over Time" will give me results for:
Act
Activ
Active
A...
Following the provided documentation, I'm having problems setting up a remote OSSEC server, step 6. When I run theossec_agent_status.py script I get the following output...
# sudo -u splunk ./ossec...