Warning
Splunkbase Classic has been deprecated and will be deactivated on February 18, 2026.
Warning

This app is archived. App archiving documentation

Splunk Add-on for OSSEC app icon

Splunk Add-on for OSSEC

The Splunk Add-on for OSSEC allows a Splunk® software administrator to collect alert events from OSSEC servers over syslog. The add-on collects the following alert data from OSSEC:

Built by
splunk product badge
Latest Version 4.1.0
November 3, 2020
Compatibility
Splunk Enterprise
Platform Version: 10.1, 10.0, 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2
CIM Version: 4.x
Rating

0

(0)

Log in to rate this app
Support
Splunk Add-on for OSSEC support icon
Not Supported
The Splunk Add-on for OSSEC allows a Splunk® software administrator to collect alert events from OSSEC servers over syslog. The add-on collects the following alert data from OSSEC: * File Integrity Management (FIM) data * FTP data * su data * ssh data * Windows data, including audit and logon information At this time, the add-on does not support data collection for OSSEC daemon logs, agent logs, or logs from the active response module.

Categories

IT Operations, Security, Fraud & Compliance

Created By

Splunk LLC

Type

addon

Downloads

11,138

Licensing

Splunk General Terms(Opens new window)

Splunk Answers

Ask a question about this app listing(Opens new window)

Resources

Log in to report this app listing