That's a copy-paste from the app description. What exactly are you asking us to do? Be aware that, while apps can be very useful, you may need to do more than just install an app to integrate Splunk with another product. Many apps, and this appears to be one of them, just display data already in your indexes. They expect you to use an add-on or your own wits to get the data from the other product into Splunk. I'm not aware of any add-ons that get data from Chronicle into Splunk. That returns us to my original response. Check the docs for Chronicle to see which of the onboarding methods is most appropriate to use.