I've had success with Splunk and the "OSSEC for Splunk" application. It's great for monitoring and digging through your OSSEC logs and alerts, but I still do configuration and rule tweaking via command line. I wrote a quick blog post that might be helpful.
http://intellavis.com/blog/?p=201 On Friday, July 20, 2012 1:53:18 AM UTC-4, caroline mungai wrote: > > Hi, > > Is there a ossec gui how do i go about setting it up. > > -- > carol........ > > Make a habit of raising your standards so that you work towards > them...........it will always keep you on your toes. > > > >
