Can anyone suggest the new features that need to be developed in the OSSEC for Splunk app or Any issues that present users are facing .
I would like to see the app integrated with the Common Information Model.
It would also be good when the OSSEC event ID is displayed it acts as a hyperlink to a page within Splunk which then gives details of what the alert is, as per information from the OSSEC knowledgebase.