{"id":112,"date":"2009-06-03T21:39:00","date_gmt":"2009-06-03T21:39:00","guid":{"rendered":"https:\/\/defragged.org\/ossec\/?p=112"},"modified":"2020-07-02T21:40:28","modified_gmt":"2020-07-02T21:40:28","slug":"splunk-ossec-integration","status":"publish","type":"post","link":"https:\/\/defragged.org\/ossec\/2009\/06\/splunk-ossec-integration\/","title":{"rendered":"Splunk + OSSEC Integration"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote\"><p>This is a guest article by Dale Neufeld \u2013 canuck.eh at gmail.com<\/p><p>The status of the next version of the OSSEC web interface is one of the more commonly asked questions on the mailing list and is currently #2 on the community requested feature list (http:\/\/ossec.uservoice.com). While web interfaces are nice to have, many of us suffer from information island overload by having dedicated web interfaces for each application. This is why I was stoked when the syslog output feature was announced last summer (http:\/\/www.ossec.net\/dcid\/?p=139) and officially added in version 1.6. 
Now I can incorporate OSSEC alerts into my SIM\/SIEM or log management tool of choice, which not only eliminates the need for a dedicated OSSEC web interface but also allows for simplified incident analysis through aggregation and correlation.<\/p><\/blockquote>\n\n\n\n<p>Full article at&nbsp;<a href=\"http:\/\/www.ossec.net\/main\/splunk-ossec-integration\">http:\/\/www.ossec.net\/main\/splunk-ossec-integration<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is a guest article by Dale Neufeld \u2013 canuck.eh at gmail.com The status of the next version of the OSSEC web interface is one of the more commonly asked questions on the mailing list and is currently #2 on the community requested feature list (http:\/\/ossec.uservoice.com). While web interfaces are nice to have, many of us [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[7],"tags":[],"_links":{"self":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/112"}],"collection":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/comments?post=112"}],"version-history":[{"count":1,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/112\/revisions"}],"predecessor-version":[{"id":113,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/posts\/112\/revisions\/113"}],"wp:attachment":[{"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/media?parent=112"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/defragged.org\/ossec\/wp-json\/wp\/v2\/categories?post=112"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/defragged.org\/oss
ec\/wp-json\/wp\/v2\/tags?post=112"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}