Hi,
thanks for creating this thread, as I'm also interested in using OSSEC in
combination with the Splunk App (also on RHEL servers). Also what is the
difference between the OSSEC app and the PCI DSS compliance app which you
would have to pay for?!
Do you have any experience with the PCI DSS
In terms of comparison, the OSSEC app and the PCI app for Splunk are
intended to be very different things.
It looks like the PCI app is meant to cover as much of the PCI requirements
as possible, and it knows about the actual PCI requirements themselves. It
looks like maybe it also some asset
Hi all,
I was originally going to do an OSSEC - OSSIM setup but running into some
issues with RHEL compliance since OSSIM is Debian.
Now I was looking at Splunk (Free) Enterprise but noticed the splunk app to
integrate OSSEC is now 2 years old and most likely does not work with
Splunk v6.
How about fluentd+kibana?
On 12.4.2014 at 16.05, Glenn Ford gmfpa...@gmail.com wrote:
Hi all,
I was originally going to do an OSSEC - OSSIM setup but running into some
issues with RHEL compliance since OSSIM is Debian.
Now I was looking at Splunk (Free) Enterprise but noticed the splunk app
Hi,
yes, the app for Splunk (http://apps.splunk.com/app/300/) is 2 years old,
but it is still working :-). It is marked as working with Splunk 6, and I
have a running instance that is working fine with it. Did you give it a try?
Do you need instructions on how to set up Splunk 6 + OSSEC report?