***This add-on is no longer supported. All customers are recommended to migrate to Cisco Firepower and utilize the Cisco Secure eStreamer Client (f.k.a Firepower eNcore) Add-On for Splunk. (https://splunkbase.splunk.com/app/3662/)*** The Splunk Add-on for Cisco FireSIGHT (formerly Splunk Add-on for Cisco Sourcefire) leverages data collected via Cisco eStreamer to allow a Splunk software administrator to analyze and correlate Cisco Next-Generation Intrusion Prevention System (NGIPS) and Cisco Next-Generation Firewall (NGFW) log data and Advanced Malware Protection (AMP) reports from Cisco FireSIGHT and Snort IDS through the Splunk Common Information Model. You can then use the mapped data with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance.