For those who asked about OSSEC integration with Splunk 4, there is an initial download at:
http://www.southerington.com/redir.php?id=11The app is still something of a work-in-progress, but feel free to play with it. Feedback is welcome, but send it to me directly to avoid cluttering the list, unless it's relevant to everyone.
To install, extract ossec.tgz into /opt/splunk/etc/apps (or your equivalent directory). Check the README and KNOWN_ISSUES files for more detail.
Ultimately, the download will most likely move to the Splunk community apps page, but at the moment you'll need to use the link above.