Not sure what changed overnight but now seeing all alerts from OSSEC servers and agents. Let the data analysis begin!
On Wednesday, January 16, 2019 at 8:12:14 AM UTC-7, steve sauer wrote: > > Is anybody using the the OSSEC *Add-on* in Splunk 7.x.x. It seems rather > limited in what it parses compared to the older OSSEC app that is no longer > available. I want to extend it to capture and parse OSSEC events from my > Web server. These events are actually being captured now but not parsed. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
