The download page says "Cisco eStreamer eNcore Add-on for Splunk is an eStreamer client with a Splunk plugin that provides comprehensive event forwarding from all 6.x versions of Firepower Management Center to Splunk Enterprise and Splunk Enterprise Security.
The following event types are supported with complete schema coverage through the eStreamer API specification for FMC version 6.2."
Is the 6.x correct, or is there something about 6.3 that breaks it?
Version 6.3 and 6.4 should work exactly the same.
Doug