anyone knows of alternative to splunk. dont get me wrong i like splunk. I have it install works great. but there is a limitation because of licensing on how much data you can index. anyone know how much data does the splunk index when ossec server logs to it.
On Wed, Feb 23, 2011 at 5:30 PM, Satish Patel <[email protected]> wrote: > I'm using splunk and it beat everyone. > > -- > Sent from my iPhone > > > On Feb 23, 2011, at 3:18 PM, "dan (ddp)" <[email protected]> wrote: > > splunk comes closest. >> >> On Wed, Feb 23, 2011 at 3:13 PM, Charles Profitt >> <[email protected]> wrote: >> >>> Dan: >>> >>> Is there an alternative to WUI? >>> >>> Charles Profitt, Sr. Network Technician, Pittsford Central Schools >>> BrainBench Certified - (Master)Microsoft Security | (Master)Storage Area >>> Networks Concepts | (Master)Microsoft Vista Desktop Administration | >>> (Master)Macintosh OS X 10.4 Desktop Administration >>> ---------------------------------------------------------------------- >>> νόησις νοήσεως - nóesis noéseos >>> ________________________________________ >>> From: [email protected] [[email protected]] On >>> Behalf Of dan (ddp) [[email protected]] >>> Sent: Wednesday, February 23, 2011 2:21 PM >>> To: [email protected] >>> Subject: Re: [ossec-list] Latest Events >>> >>> Hi Charles, >>> >>> On Wed, Feb 23, 2011 at 2:13 PM, Charles Profitt >>> <[email protected]> wrote: >>> >>>> I have a lighthttpd install of ossec-wui and the server does not display >>>> any >>>> alerts under latest events on the main page. In fact, the heading latest >>>> events does not show either. I have looked at the wiki and searched >>>> Google >>>> with no results. Can anyone point me in a direction. >>>> >>>> >>> Look at the lighttpd logs. >>> >>> Generally wui is old, broken, and unmaintained. I don't encourage its >>> use, and don't generally provide much help with it. >>> dan >>> >>> This email message and any attachments may contain confidential >>> information. If you are not the intended recipient, you are prohibited from >>> using the information in any way, including but not limited to disclosure >>> of, copying, forwarding or acting in reliance on the contents. If you have >>> received this email by error, please immediately notify me by return email >>> and delete it from your email system. Thank you. >>> >>>
