All Apps and Add-ons

How to setup Cisco eStreamer for Splunk on a Windows server to run correctly?

ITSEC_BG03
New Member

As we have Splunk running on a Windows server, could you suggest how your eStreamer app is setup to run correctly on a Windows server.
https://apps.splunk.com/app/1629/

I note it is adapted for Linux and I have attempted to integrate it on Windows but cannot find the perl module NetAddr::IP after installing the rest below and creating a certificate for Splunk.

Getopt::Long
Socket
IO::Socket::SSL
NetAddr::IP not installed
Storable

Can you suggest how to integrate this or an alternative to get Splunk to receive estreamer events?

0 Karma
1 Solution

cgrady_sf
Path Finder

Hello,

Unfortunately at this point this is a Unix-only app. There is no Windows support, and it will NOT run on Windows without a LOT of modification. Sorry.

  • Colin

View solution in original post

0 Karma

cgrady_sf
Path Finder

Hello,

Unfortunately at this point this is a Unix-only app. There is no Windows support, and it will NOT run on Windows without a LOT of modification. Sorry.

  • Colin
0 Karma

jmartin15
New Member

Would you be able to provide information related to the modification. Will you have to modify components for the Search Head, Indexer, or both?

What level of skill would be needed to make these modifications?

0 Karma

ITSEC_BG03
New Member

Thanks for the response Colin.

Is there an alternative for integrating Sourcefire into Splunk on Windows?

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...