This TA enables a direct tcpdump input on a linux system running Splunk Universal Forwarder. Possible use cases ------------------ - DNS Insight https://splunkbase.splunk.com/app/1827/ - DHCP Insight https://splunkbase.splunk.com/app/1837/ Contact ------- Please email me at splunk@compek.net if you have any issues. I actively support my apps and am excited to receive any feedback. splunk@compek.net