The problem with Splunk to me is it isn't open source, and hence is or can be expensive.
-- James Pulver LEPP Computer Group Cornell University -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of PS Sent: Tuesday, February 28, 2012 10:43 AM To: [email protected] Subject: Re: [ossec-list] Did the WUI ever get fixed? I'm using Splunk because I already had it installed when installed ossec. The ossec app for splunk is nice. I recommend it. Victor Pineiro On Feb 28, 2012, at 4:05 AM, PJG <[email protected]> wrote: > All, > > I saw a post back to last year about the WUI not displaying logs > correctly. Did anyone get this fixed? (I was going reply to that post > but couldn't, so have opened this new one). > > Reason being, is that despite it's limitations, it's still a very > quick and easy first place to look for logs. > > I've built it into my Incident response procedures, and would really > like it to work. > > Now I know I can deploy Splunk to do a similar things, but the OSSEC > wui is a very simple tool, to view very powerful logs. > > If I had the skills I would look into fixing it, but unfortunately I > don't. > > Has anyone else been able to wave their magic wand? > > Cheers... > > Pip >
