Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
This app is archived. Learn more
Security Onion Server/Sensor Add-on
Security Onion Sensor Add On eases the configuration of a multiple Security Onion sensor deployment. Install the Splunk Universal forwarder and untar this app to /opt/splunkforwarder/etc/apps. Edit /opt/splunkforwarder/etc/apps/securityonion_addon/local/inputs.conf to disable specific logs depending on whether you're indexing from a server or sensor that is remote to the Splunk indexer. See README or http://eyeis.net/2012/07/announcing-security-onion-for-splunk-serversensor-add-on/ for details on setup/config.
Built by Brad Shoop
Compatibility
Not Available
Rating
0
(0)
Log in to rate this app
Security Onion Sensor Add On eases the configuration of a multiple Security Onion sensor deployment. Install the Splunk Universal forwarder and untar this app to /opt/splunkforwarder/etc/apps. Edit /opt/splunkforwarder/etc/apps/securityonion_addon/local/inputs.conf to disable specific logs depending on whether you're indexing from a server or sensor that is remote to the Splunk indexer.
See README or http://eyeis.net/2012/07/announcing-security-onion-for-splunk-serversensor-add-on/ for details on setup/config.
Categories
Created By
Brad Shoop
Type
addon
Downloads
1,839
Licensing
Splunk Answers
Resources
Login to report this app listing