CCX Unified Add-on for Cisco Firepower

About Us: CyberCX is Australia’s greatest force of cyber security experts. Our highly skilled professional services team operates a 24x7 on-shore security operations centre (SOC) servicing corporate and public sector organisations across Australia and New Zealand, specialising in Security Operations services leveraging Splunk.

Description: CCX Security Operations has taken it upon itself to update and improve the existing Firepower Syslog and Cisco Secure eStreamer Client (f.k.a. Firepower eNcore) Add-On for Splunk to ensure it is as CIM compliant as possible. This TA was built using a large dataset and endeavours to be the most comprehensive, CIM-compliant field extraction TA available for Cisco Firepower eStreamer and Firepower Syslog. The Technical Add-on replaces the publicly available TA on Search Heads and Indexers, and it is based on the latest version. Fully compatible with Splunk Enterprise and Splunk Cloud, built by an Ops team for Ops teams.

Features:
- This TA currently supports logtypes tagged under the following CIM datamodels: Alert, Malware, Web, Network Traffic, Network Resolution (DNS), and Intrusion Detection (IDS).

Attribution: CyberCX acknowledges the excellent (foundation) work done by the Cisco team to provide this TA.