Hi,
Does anyone has alienvault ossim plugin for opnsense?
Or how can i integrate opnsense logs with alientvault ossim?
I forwarded the logs via "System: Settings: Logging / targets" menu.
I could just see syslog plugin in ossim, but log results are kind of meaningless.
Thanks,
Where did you find a Plugin for ossim?
Quote from: mimugmail on March 19, 2021, 06:11:54 AM
Where did you find a Plugin for ossim?
I think there is a misunderstandig.
There is no ossim plugin in opnsense, or i dont know. Logs are send via opnsense remote logging menu.
I am looking for an opnsense plugin in ossim.
Ok, so then it might be better to ask over there?
it is also an option but there are lots of plugins in ossim but much fewer siem solutions for opnsense.
So I thought it is more likely to find the answer here.
I searched there before asking here, but there is no opnsese plugin there.
there is just a suricata option afaik.
may be there is someone here who had an experience.
It should support Eve Log.
There is an option for eve log but for only suricata.
And unfortunatelly that doesnt work for suricata either, there should be a bug in plugin according to my searches.