Latest Version 4.1.0
November 3, 2020
The Splunk Add-on for OSSEC allows a Splunk® software administrator to collect alert events from OSSEC servers over syslog. The add-on collects the following alert data from OSSEC:

* File Integrity Management (FIM) data
* FTP data
* su data
* ssh data
* Windows data, including audit and logon information

At this time, the add-on does not support data collection for OSSEC daemon logs, agent logs, or logs from the active response module.