Hi there,
While Splunk Enterprise 8.2.7 isn't explicitly listed as compatible with Cisco FMC in the official compatibility matrix, there are workarounds and resources that can help you achieve integration:
Current Compatibility:
Workarounds:
- Upgrade Splunk: Consider upgrading to Splunk Enterprise 9.1.x for guaranteed compatibility and access to the latest features.
- Cisco eStreamer App: Explore the Cisco eStreamer App for Splunk (https://splunkbase.splunk.com/app/3662). This app can forward events from FMC to Splunk, even if your Splunk version isn't officially supported.
- Manual Integration: If you're comfortable with coding, you might be able to develop a custom script to extract data from FMC and send it to Splunk.
Community Resources:
- Splunk Community: Check the Splunk community forums for discussions and solutions related to integrating FMC with older Splunk versions (https://community.splunk.com/).
- Cisco Support: Contact Cisco support to inquire about potential compatibility issues or workarounds for using FMC with Splunk 8.2.7.
Remember:
- Using unsupported versions might lead to unexpected behavior or limited functionality.
- Upgrading to the latest compatible versions is generally recommended for optimal performance and security.
~ If the reply helps, a Karma upvote would be appreciated
