did something similar using the smaller version of splunk (500 meg) -
stuck with a single server, but created dashboards inside splunk to
split the appropriate alerts.
Something to think about.
On Oct 19, 9:27 am, Sherman Butler sbut...@cequint.com wrote:
I'm wondering if it's possible to have
Thanks Kat
We had suggested splunk as being a better tool for scraping the logs for
their application stuff but the boss has already seen what OSSEC can do
and likes the output and hasn't been receptive to trying anything else.
I'll keep pushing it and hope for a better resolution to come our
@googlegroups.com
Subject: Re: [ossec-list] Re: Multiple instances of OSSEC running on a
single system
Thanks Kat
We had suggested splunk as being a better tool for scraping the logs for
their application stuff but the boss has already seen what OSSEC can do
and likes the output and hasn't been receptive
-Original Message-
From: ossec-list@googlegroups.com [mailto:ossec-list@googlegroups.com]
On Behalf Of Sherman Butler
Sent: Thursday, 20 October 2011 7:25 a.m.
To: ossec-list@googlegroups.com
Subject: Re: [ossec-list] Re: Multiple instances of OSSEC running on a
single system
Thanks Kat
We had