Summary
Utilizing SPLUNK data on the Security Management System (SMS)
Details
Yes, you can use SPLUNK to monitor and analyze SMS data.
To facilitate this, you will have to set up a new SYSLOG server that communicates with your SPLUNK server. When configuring it, select the SNORT V2 SYSLOG format:
snort[{0}]:${_delimiter}${snortSid}${_delimiter}${snortNameV2}${_delimiter}[Classification: ${snortClass}]${_delimiter}[Priority: ${snortPriority}]${_delimiter}{${snortProtocolV2}}${_delimiter}${snortSrcAddress}${_delimiter}->${_delimiter}${snortDestAddress}
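
To confirm that events reaching the collector actually fit the SNORT V2 layout before building Splunk field extractions, the format string above can be compiled into a regular expression with one named group per field. This is an added example, not part of the original article or any vendor code; the space delimiter, the handling of `{0}` as an opaque value, and the sample lines are assumptions constructed for illustration.

```python
import re

# Format string copied from the SNORT V2 syslog format shown above.
TEMPLATE = (
    "snort[{0}]:${_delimiter}${snortSid}${_delimiter}${snortNameV2}"
    "${_delimiter}[Classification: ${snortClass}]${_delimiter}"
    "[Priority: ${snortPriority}]${_delimiter}{${snortProtocolV2}}"
    "${_delimiter}${snortSrcAddress}${_delimiter}->${_delimiter}"
    "${snortDestAddress}"
)


def compile_template(template, delimiter=" "):
    """Build a regex with one named group per ${field} in the format string."""
    parts = []
    # Split on ${name} placeholders and the {0} slot, keeping them as tokens.
    for tok in re.split(r"(\$\{\w+\}|\{0\})", template):
        if tok == "{0}":
            parts.append(r"[^\]]*")  # assumption: opaque value inside snort[...]
        elif tok == "${_delimiter}":
            parts.append(re.escape(delimiter))
        elif tok.startswith("${"):
            parts.append("(?P<%s>.+?)" % tok[2:-1])
        else:
            parts.append(re.escape(tok))  # literal text such as "[Priority: "
    return re.compile("".join(parts) + r"\s*$")


def parse_event(line, pattern):
    """Return the extracted fields, or None if the line does not fit the format."""
    m = pattern.search(line)
    return m.groupdict() if m else None


def sample(delim):
    """Constructed sample event (documentation addresses), not captured SMS output."""
    body = ["snort[1]:", "1234", "Constructed Filter Name",
            "[Classification: Misc Activity]", "[Priority: 2]", "{TCP}",
            "192.0.2.10:51515", "->", "198.51.100.20:80"]
    return "<134>Jan  1 00:00:00 sms-host " + delim.join(body)


if __name__ == "__main__":
    space_rx = compile_template(TEMPLATE, " ")
    print(parse_event(sample(" "), space_rx))
    # A delimiter mismatch between sender and parser: the line is rejected.
    print(parse_event(sample("\t"), space_rx))
```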