Hey, does anyone have any experience with OSSEC and Q1Labs integration?
For example:
- Does it integrate via syslog, or better via another method?
- Do Q1Labs standard parsers and normalisers understand Windows Event logs delivered via OSSEC, or is some tweaking needed?
- Are there any parsers written for OSSEC-specific alarms/alerts?

Thanks for any experiences,
Vilius
