I've also been testing Splunk these past few days. I read on the OSSEC web site <http://www.ossec.net/wiki/OSSEC_&_Splunk> about an app for Splunk that reads OSSEC agent data into its database, but I can't find it anywhere in the Splunk "App Store", yet it still pops up in searches when you google for "splunk ossec".
Is it no longer supported?
