HI, splunker.
I'm testing two different versions of the estreamer app. (FMC : 5.4, 6.1 / Splunk App : 1629, 3662)
I found two problems with the encore version. (3662) and rec_type=400.
1) src_ip_country is okay (string), but dest_ip_country is number.
2) In the FMC 5.4 and Splunk App 1629, the fw_rule value is displayed as a letter,
but in the FMC 6.1 and Splunk App 3662 version it is displayed as a number.
I wonder if this is a bug or is it intended.
If it is a bug, would you tell me which python source to modify?
... View more