- We use OSSEC in a server/clients relationship. On the OSSEC server we send our logs over to our Splunk Server. I would think that you could do the same thing and send them to logstash/kibana.
- We also send our network devices' logs to rsyslog on the OSSEC server and then let OSSEC parse them as well:
- That's from memory, it's been a while since I had to revisit our logic of the time ;)
a guest Mar 11th, 2014 138 Never