I do not see any new data inputs, I tried refreshing and restarting splunk.
Is there a video showing the install and how to get data to be used by the application?
Will there be something that allows to decode with protobuf?
You need to write a custom data handler to decode the protobuf binary payload. This is the purpose of custom data handlers.The app ships with several examples in different languages to get you started.There are many libraries available (just google) containing the logic to decode protobuf , so it would likely be very simply to create a custom data handler.
When a python script uses import inside the custom data handler, where does it look to find it?
Is it in here: /opt/splunk/etc/apps/protocol_ta/bin/vertx_modules/io.vertx~lang-jython~2.1.1/ ?
I am getting errors inside splunkd.log when I save the Protocol Data Input, so it looks like it is trying.
Refer this and follow guidelines for Setup, Configuration and Troubleshooting:
https://splunkbase.splunk.com/app/1901/#/details
Took a look. Attempted again , this time putting Java on first and not installing the app in the gui , but did it by hand with a tar.
Dont know which part helped, but I can see the Protocol Data Inputs in Data inputs now.
I still don't know how to get splunk to run the protobuf with the proto files I have.
Basically I have a linux command that works, and I need splunk to do it so I can index the data.
protoc --decode TelemetryStream firewall.proto -I /usr/include -I .
Is this the Custom data handler section?
have a look at https://www.splunk.com/blog/2014/11/11/protocol-data-inputs.html if it doesn't help then @Damien Dallimore can help you.