I am looking for a web frontend that managers and non-system users can create reports from without needing direct access to the OSSEC server. I have setup Splunk with the Ossec4splunk app and it looks very promising except for a huge glaring issue that isn't being answered by the app owner. (see my postings -- http://splunk-base.splunk.com/answers/29021/ossec_agent_statuspy-v-on-local-server-timeout-exceeded-error).
So my questions to this group ... Is there something else besides Splunk or Base (which the integration with OSSEC seems to be dead)? Is anyone else using Splunk with large number of clients (>1500)? Or is there another way to accomplish this without a web interface? Thanks!
