Does anyone know if Splunk can import Microsoft Event files or cap, pacp, pcapng files from programs like Wireshark, Network Minder etc?
I’m not a Senior Engineer but I thought cap, pcap and pcapng have been an industry standard file format for 25 years. Same with Microsoft event logs. Is she correct? Splunk doesn’t understand Microsoft event files or Wireshark pcap files?
Is there anyone at Splunk who has worked with Microsoft Event files or pcap files who might have a sample? Our Splunk Engineer wants us to submit sample files but I don’t have any sanitized files to give her. I’m hoping someone at Splunk can help me out.
Thanks
... View more