Hi,
New to the list and working with Bro. Interested in sending Bro logs to Alienvault OSSIM to consolidate two separate IDS and Argus systems.
Has anyone else done this or have a resource to share? The one article describing the rsyslog config to output the logs is dated 2011 so thought I’d ask while taking a look at the OSSIM Bro plugin.
Thanks in advance,
Chris