Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Splunk Add-on for OSSEC app icon

Splunk Add-on for OSSEC

The Splunk Add-on for OSSEC allows a Splunk® software administrator to collect alert events from OSSEC servers over syslog. The add-on collects the following alert data from OSSEC: * File Integrity Management (FIM) data * FTP data * su data * ssh data * Windows data, including audit and logon information At this time, the add-on does not support data collection for OSSEC daemon logs, agent logs, or logs from the active response module.

Built by Splunk LLC
splunk product badge

Latest Version 4.1.0
November 3, 2020
Compatibility
Not Available
Platform Version: 10.0, 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2
CIM Version: 4.x
Rating

0

(0)

Log in to rate this app
Support
Splunk Add-on for OSSEC support icon
Splunk Supported addon
The Splunk Add-on for OSSEC allows a Splunk® software administrator to collect alert events from OSSEC servers over syslog. The add-on collects the following alert data from OSSEC: * File Integrity Management (FIM) data * FTP data * su data * ssh data * Windows data, including audit and logon information At this time, the add-on does not support data collection for OSSEC daemon logs, agent logs, or logs from the active response module.

Categories

Created By

Splunk LLC

Type

addon

Downloads

11,050

Resources

Login to report this app listing