I can see that the Splunk App for CEF is announced EOL.
Is a new app coming or has it been renamed or rebranded?
Does anyone know of any other app that do the same job?
We have a similar issue. Splunk support did not have an answer.
One possible solution might be "CEF Extraction Add-on for Splunk"
I have not found documentation on it and it is not supported by Splunk.
I have also see references to a partial solution using some changes to the configuration on the splunk agent side.
With Splunk sending their CEF product EOL, I am surprised they don't have a corporate recommendation.
Anyone have more concrete solutions?