Hi, yes the app for splunk (http://apps.splunk.com/app/300/) is 2 years old, but it is still working :-). It is marked as working with splunk 6, and I have a running instance that is working fine with it. Did you give it a try? Do you need instruction how to setup splunk 6 + ossec report?
Regards, On Sat, Apr 12, 2014 at 8:56 AM, Glenn Ford <gmfpa...@gmail.com> wrote: > Hi all, > > I was originally going to do an OSSEC -> OSSIM setup but running into some > issues with RHEL compliance since OSSIM is Debian. > > Now I was looking at Splunk (Free) Enterprise but noticed the splunk app > to integrate OSSEC is now 2 years old and most likely does not work with > Splunk v6. > > Does anyone have an SIEM solution that has a free crippleware version such > as alientvault ossim or splunk enterprise that works on RHEL? > > Thanks in advance, > > Glenn > > -- > > --- > You received this message because you are subscribed to the Google Groups > "ossec-list" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to ossec-list+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.