Do you know if Cisco eStreamer for Splunk supports Discovery Events for FireSIGHT version 5.4.x? The option is available in the FireSIGHT eStreamer configuration, but I am not sure if this is supported by the Splunk Cisco eStreamer for Splunk app. Thank you.
No, but you could create a Correlation rule that generates a Correlation Event from any discovery event, and that would be sent to Splunk. There will be a new version of the Splunk app in April/May. It will support all of the event types in their entirety.