On Thu, Mar 1, 2012 at 5:54 AM, PJG <[email protected]> wrote: > It's open source if you consume less that 500Mb of logs per day, and I > beleive per instance. >
No it isn't. It doesn't cost anything up to 500MB of logs per day (with reduced functionality). > Hence if you deploy directly onto your ossec server, it will not > require a licence (as long as you don't breach the log limit). > > On Feb 28, 3:53 pm, James M Pulver <[email protected]> wrote: >> The problem with Splunk to me is it isn't open source, and hence is or can >> be expensive. >> >> -- >> James Pulver >> LEPP Computer Group >> Cornell University >> >> >> >> >> >> >> >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] On >> Behalf Of PS >> Sent: Tuesday, February 28, 2012 10:43 AM >> To: [email protected] >> Subject: Re: [ossec-list] Did the WUI ever get fixed? >> >> I'm using Splunk because I already had it installed when installed ossec. >> The ossec app for splunk is nice. I recommend it. >> >> Victor Pineiro >> >> On Feb 28, 2012, at 4:05 AM, PJG <[email protected]> wrote: >> >> > All, >> >> > I saw a post back to last year about the WUI not displaying logs >> > correctly. Did anyone get this fixed? (I was going reply to that post >> > but couldn't, so have opened this new one). >> >> > Reason being, is that despite it's limitations, it's still a very >> > quick and easy first place to look for logs. >> >> > I've built it into my Incident response procedures, and would really >> > like it to work. >> >> > Now I know I can deploy Splunk to do a similar things, but the OSSEC >> > wui is a very simple tool, to view very powerful logs. >> >> > If I had the skills I would look into fixing it, but unfortunately I >> > don't. >> >> > Has anyone else been able to wave their magic wand? >> >> > Cheers... >> >> > Pip
