Take a look at www.logzilla.pro (there is a community edition) which
has a separate OSSEC filter that formats the ossec log entries
correctly. Source is included, so you could see how it is done. The
plugin for Splunk does the same thing - it pulls the entry apart and
formats correctly. But I
Technology Area Supervisor
LEPP Computer Group
Cornell University
-Original Message-
From: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com] On
Behalf Of Kat
Sent: Wednesday, July 20, 2011 3:00 PM
To: ossec-list
Subject: [ossec-list] Re: Have OSSEC generated syslogs more correct