I have Snort IDS running on a Linux machine, and I have some pcap files from Snort. I have installed a Universal Forwarder on Linux, and I want to forward the pcap files to Splunk, which is on a Windows machine. I also downloaded the Splunk application for PCAP which is called Splunk PCAP Analyzer, but I don't know how to forward pcap files to the application on Splunk.
Can anyone help me with that? Any help would be great.
Thank You