Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
Splunk Add-on for OSSEC app icon

Splunk Add-on for OSSEC

The Splunk Add-on for OSSEC allows a Splunk® software administrator to collect alert events from OSSEC servers over syslog. The add-on collects the following alert data from OSSEC:

Built by
splunk product badge
Latest Version 4.0.0
July 30, 2015
Compatibility
Not Available
Platform Version: 6.3, 6.2, 6.1, 6.0
CIM Version: 4.x
Rating

0

(0)

Log in to rate this app
Support
Splunk Add-on for OSSEC support icon
Splunk Supported addon
The Splunk Add-on for OSSEC allows a Splunk® software administrator to collect alert events from OSSEC servers over syslog. The add-on collects the following alert data from OSSEC: * File Integrity Management (FIM) data * FTP data * su data * ssh data * Windows data, including audit and logon information At this time, the add-on does not support data collection for OSSEC daemon logs, agent logs, or logs from the active response module. After the Splunk platform indexes the events, you can consume the data using the prebuilt dashboard panels included with the add-on. This add-on provides the inputs and CIM-compatible knowledge to use with other Splunk apps, such as the Splunk App for Enterprise Security and the Splunk App for PCI Compliance.

Categories

Created By

Splunk Inc.

Type

addon

Downloads

206

Licensing

Splunk Answers

Resources

Log in to report this app listing