Due to Splunk deprecating their file integrity monitoring functionality of
their agents and server, I am looking for a cheap solution to send FIM data
to Splunk to report on. Therefore I am wondering if there is any way I can
send data from a Windows OSSEC agent directly into Splunk. I was
Hi,
Due to Splunk deprecating their file integrity monitoring feature of their
Splunk agent and server, I am looking for a cheap alternative. So I was
wondering if it was possible to send OSSEC Windows agent data directly to
Splunk. I was told the Windows agent needs to connect to an OSSEC
Hello,
I was wondering if someone already used the OSSEC and Nagios to generate
alerts?
I have the following idea in my head: alert of level 11+ will be seen by a
monitor/swatch script tailing the /var/ossec/logs/alerts/alerts.log logfile
and generates an alert/trigger and sends it to Nagios.
On Wed, Feb 5, 2014 at 6:15 AM, Tino Abbraccio sistoabbrac...@gmail.com wrote:
Hi,
Due to Splunk deprecating their file integrity monitoring feature of their
Splunk agent and server, I am looking for a cheap alternative. So I was
wondering if it was possible to send OSSEC windows agent data
Have you asked Google?
--
Later,
Darin
On Wed, Feb 5, 2014 at 6:47 AM, Michiel van Es vanesmich...@gmail.com wrote:
Hello,
I was wondering if someone already used the OSSEC and Nagios to generate
alerts?
I have the following idea in my head: alert of level 11+ will be seen by a
Yes, first 3 hits about mail scripts (nagios exchange) and 'swatch alike
scripts' but not a lot of specific setup information.
That is why I am asking here what people use nowadays and what their setup
looks like.
Michiel
On Wednesday, 5 February 2014 14:32:47 UTC+1, Darin Perusich wrote:
Have
To be more precise: this is the most valuable link I
found: http://blog.kintoandar.com/2011/01/nagios-nrpe-ossec-check.html
I am still interested in other people's implementations.
On Wednesday, 5 February 2014 14:45:26 UTC+1, Michiel van Es wrote:
Yes, First 3 hits about mail scripts (nagios
Hi. I'm trying this setup, after seeing the blog post on ossec.net
recently, and regularly exceeding the 500mb limit on Splunk free. I'm
sending alerts level 3+ to logstash and 5+ to splunk still. I spent a
while tweaking the logstash.conf to work with Splunk format syslog output,
as it
On 2014-02-05 4:02, Tino Abbraccio wrote:
Due to Splunk deprecating their file integrity monitoring
functionality of their agents and server, I am looking for a cheap
solution to send FIM data to Splunk to report on. Therefore I am
wondering if there is any way I can send data from a Windows
http://ossec-docs.readthedocs.org/en/latest/manual/agent/agent-configuration.html
I got really excited when I read this page. I made some changes to files
being watched and was glad I didn't have to hop around to all the agents
and add to the conf files one by one. I edited