As we have Splunk running on a Windows server, could you suggest how your eStreamer app is set up to run correctly on a Windows server?
I note it is adapted for Linux and I have attempted to integrate it on Windows but cannot find the Perl module NetAddr::IP after installing the rest below and creating a certificate for Splunk.
NetAddr::IP not installed
Can you suggest how to integrate this or an alternative to get Splunk to receive eStreamer events?
Unfortunately at this point this is a Unix-only app. There is no Windows support, and it will NOT run on Windows without a LOT of modification. Sorry.
Would you be able to provide information related to the modification? Will you have to modify components for the Search Head, Indexer, or both?
What level of skill would be needed to make these modifications?
Thanks for the response, Colin.
Is there an alternative for integrating Sourcefire into Splunk on Windows?