Anyone who is using Splunk, how are you getting the info to the Splunk server? Is the splunk server on the same server as your OSSEC server? I see options for managing agents and that is a little confusing.
Zate On Mon, Apr 9, 2012 at 4:27 PM, Qasim Ijaz <iloveab...@gmail.com> wrote: > I'll try those. Thanks Dan. > > > On Monday, April 9, 2012 4:02:14 PM UTC-5, dan (ddpbsd) wrote: >> >> They aren't OSSEC specific, and can't do a bunch of OSSEC specific >> things, but I like Graylog2 and logstash. >> >> On Mon, Apr 9, 2012 at 4:26 PM, Qasim Ijaz <iloveab...@gmail.com> wrote: >> > I have used OSSEC WUI and SPLUNK. I love detail in OSSEC WUI but i'd >> like >> > graphs. Splunk is expensive. Any alternatives guys? >> >