I for one would love a write up on integrating OSSEC with Splunk in the wiki. I think Splunk is great.

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of cnk
Sent: Tuesday, March 03, 2009 4:55 PM
To: [email protected]
Subject: [ossec-list] Re: Ossec UI - Any Updates?

Hey Derek,

Another alternative would be to use the Splunk for OSSEC application.

http://www.splunkbase.com/apps/All/Security/app:Splunk+for+OSSEC

Just grab the free license version of Splunk, install this app, and point your syslog output to your Splunk server. BAM! Instant wui 0.4.

Do we really need another wui? I know I suffer from wui island overload . . . leveraging Splunk lets you have an advanced web interface that can easily be customized for your environment. Not to mention the fact that you can now have all your security apps report to a single interface. In my environment this makes incident analysis much easier.

Please let us know if you think of other useful features for the Splunk for OSSEC app. Oh and I'll try to add a detailed write-up on this solution in the wiki.

cheers,
cnk

On Tue, Mar 3, 2009 at 9:46 AM, Partha Panda <[email protected]> wrote:
> Hi Derek
> UI is one area we are looking at for the 2.1 release among others. Any
> volunteers to help out with refining the UI - let me know? We can really
> use some help in this area.
>
> Thanks
> Partha
>
>
> ----- Original Message -----
> From: [email protected] <[email protected]>
> To: [email protected] <[email protected]>
> Sent: Tue Mar 03 08:06:55 2009
> Subject: [ossec-list] Ossec UI - Any Updates?
>
>
> Any updates to the UI coming down the pipe. Been about a year since 0.3 was
> put out. Just curious!
>
