Hi All,

In our network we have a Splunk centralized log server for all Linux/Unix boxes. We have configured syslog to send all logs to Splunk. Now I am planning to install OSSEC on all Unix/Linux boxes, so the question is: how will the OSSEC agent parse log files while those boxes are sending logs to the Splunk server via syslog?

How do I configure Splunk vs OSSEC log monitoring?

-Satish
