Hi
Is there any tutorial on how to install the the Reporting and Management for OSSEC app?
thanks
Installation
To install, extract the .tgz archive in $SPLUNK_HOME/etc/apps
You may need to enable the appropriate inputs, either via inputs.conf, or through the Manager in the Splunk GUI.
The application maintains a list of all known OSSEC servers in a lookup table. When you first install, this list will be empty except for a wildcard ntry. You can wait until it is populated automatically, or run OSSEC - Rebuild OSSEC Server Lookup Table from the Searches & Reports -> Utility menu.
Installation
To install, extract the .tgz archive in $SPLUNK_HOME/etc/apps
You may need to enable the appropriate inputs, either via inputs.conf, or through the Manager in the Splunk GUI.
The application maintains a list of all known OSSEC servers in a lookup table. When you first install, this list will be empty except for a wildcard ntry. You can wait until it is populated automatically, or run OSSEC - Rebuild OSSEC Server Lookup Table from the Searches & Reports -> Utility menu.
so i only need to extract the .tgz archive in splunk machine ?
That answer is extracted from the documentation, so Yes, extract it into the apps folder
Ok thanks 🙂