Hi I was wondering if anyone has any idea if it is possible for a local OSSEC install on an ELK server (elasticsearch, logstash, kibana) to just parse info and analyse the log files being sent to logstash?
If agents like filebeat or even syslog are sending logs to the server already, there would be no need to install the agent or setup agentless methods on the clients. Is this possible/feasible? -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
