When trying to install the Splunk add-on for Snort on Enterprise Security the following error is shown:
http://imgur.com/hFRjCXf
Is it needed to install this add-on in order to view data from the Snort alert.ids file? And if so, is there any way to solve this error?
I am using the same alert.ids on the Splunk for Snort app and there is data shown.
Tested on Splunk 6.2.0 for both Windows 8 and Ubuntu with the same error shown.
Tested on Splunk 6.0.1 and 6.2.0 on a separate computer also on Windows 8.