Can I use Wazuh without Splunk


Ariel Ravicovich

Aug 21, 2018, 1:57:34 PM
to Wazuh mailing list
Hi,

I am wondering if I can use Wazuh without Splunk. It is possible to use last version
any reason to use Splunk?

Regards
Ariel

Manuel Jiménez

Aug 21, 2018, 2:33:15 PM
to Ariel Ravicovich, Wazuh mailing list
Hi Ariel,

Yes, you can use Wazuh without Splunk. Wazuh managers store alerts on their own in /var/ossec/logs/alerts/alerts.json
In addition to that, you can use a search engine in order to keep better track of the data, perform queries and draw visualizations in different dashboards.
We provide two options for this:

  • Elastic Stack. Along with it, you can use a specially developed Kibana plugin for Wazuh that takes advantage of the Kibana visualization and query capabilities while also adding more information using the Wazuh API, providing a comprehensive user interface for Wazuh.
  • Splunk. We provide a specially designed user interface for it, similar to what we do with Kibana and Elasticsearch.
I hope that helps, let me know about any doubt you may have.

Best regards,

Manuel
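
Reading the manager's alert file directly, with no search engine involved, as an added example (not part of the original thread and not Wazuh's own code). It assumes the file holds one JSON alert per line with rule.level, rule.id, rule.description and agent.name fields; the sample lines, rule ids and agent names are constructed.

```python
import json
import sys
from collections import Counter

# Constructed sample lines (not real alerts), one JSON object per line.
# The fourth line is truncated on purpose, as a line still being written would be.
SAMPLE_LINES = [
    '{"timestamp":"2018-08-21T14:00:01+0000","rule":{"level":3,"id":"100001","description":"constructed: login success"},"agent":{"id":"001","name":"web01"}}',
    '{"timestamp":"2018-08-21T14:00:02+0000","rule":{"level":10,"id":"100002","description":"constructed: repeated login failures"},"agent":{"id":"001","name":"web01"}}',
    '{"timestamp":"2018-08-21T14:00:03+0000","rule":{"level":10,"id":"100002","description":"constructed: repeated login failures"},"agent":{"id":"001","name":"web01"}}',
    '{"timestamp":"2018-08-21T14:00:04+0000","rule":{"level":7,"id":"1000',
    '{"timestamp":"2018-08-21T14:00:05+0000","rule":{"level":7,"id":"100003","description":"constructed: file checksum changed"},"agent":{"id":"002","name":"db01"}}',
]

def parse_alerts(lines):
    """Yield alert dicts, skipping blank, truncated or malformed lines."""
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            alert = json.loads(line)
        except json.JSONDecodeError:
            continue  # partial write or corrupted line
        if isinstance(alert, dict) and isinstance(alert.get("rule"), dict):
            yield alert

def summarize(lines, min_level=7):
    """Count alerts at or above min_level per (agent, rule id, description)."""
    counts = Counter()
    for alert in parse_alerts(lines):
        rule = alert["rule"]
        try:
            level = int(rule.get("level", 0))
        except (TypeError, ValueError):
            continue
        if level < min_level:
            continue
        agent = alert.get("agent")
        name = agent.get("name", "unknown") if isinstance(agent, dict) else "unknown"
        counts[(name, str(rule.get("id")), rule.get("description", ""))] += 1
    return counts.most_common()

if __name__ == "__main__":
    # Pass /var/ossec/logs/alerts/alerts.json as the argument on a manager;
    # with no argument the constructed sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            rows = summarize(fh)
    else:
        rows = summarize(SAMPLE_LINES)
    for (agent, rule_id, desc), n in rows:
        print(f"{n:5d}  {agent:10s}  {rule_id:8s}  {desc}")
```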

