eStreamer app seems to a great tool for visualizing all kinds of traffic going to sourceFire.
Just installed the latest splunk (6.1.1) and latest eStreamer (2.1.5), trying to configure it.
The problem is, I don't know what to fill for the field "Certificate path and filename" and what to configure on sourceFire Defense center side to allow an eStreamer client to connect and pull logs.
I have the admin login for the defense center, I don't see where in defense center to configure eStreamer client (say, client IP, or client certificate) either.
Thanks in advance,
Jin
... View more