Does anyone know of work that has been done to make Splunk talk to Sourcefire's eStreamer (log API) available on their Defense Center?
Does eStreamer integration require a strategic partnership between vendors or do they post the API info so that anyone can play?
Thanks, Sean
Answering my own question here.
As of last week, Splunk for Sourcefire is now on Splunkbase.
This app takes advantage of eStreamer and works with Defense Center.