CrowdStrike Falcon Data Replicator (FDR) SQS Technical Add-On
Archived
THIS TECHNICAL ADD-ON HAS BEEN OFFICIALLY RETIRED - IT'S RECOMMENDED THAT CUSTOMERS LEVERAGE THE SPLUNK CREATED AND SUPPORTED ADD-ON: https://classic.splunkbase.splunk.com/app/5579/
IN ORDER TO MINIMIZE CONFUSION AND FRUSTRATION FOR CUSTOMERS THAT WANT TO INGEST FDR DATA INTO SPLUNK, CROWDSTRIKE WILL BE OFFICIALLY DECOMMISSIONING THIS ADD-ON. CUSTOMERS SHOULD MIGRATE THEIR INGESTION ARCHITECTURE TO LEVERAGE THE SPLUNK BUILT AND SUPPORTED ADD-ON: https://splunkbase.splunk.com/app/5579/
CROWDSTRIKE WILL CONTINUE TO MAINTAIN THE CURRENT FUNCTIONALITY AS WELL AS WORK TO ADDRESS IDENTIFIED BUGS FOR FDR:SQS TECHNICAL ADD-ON UNTIL FEB 2023
CrowdStrike Falcon Data Replicator (FDR): SQS Technical Add-On is designed to facilitate the ingestion of CrowdStrike FDR data from the CrowdStrike S3 bucket, leveraging a CrowdStrike-provided SQS queue. This TA was designed to give FDR customers the ability to create multiple, distributed inputs to better handle large amounts of data. In addition, since the data is not filtered, it can be bulk uploaded into Splunk, resulting in faster processing.