I am new to Splunk and I am going to create data input of monitoring TCP packet to/from my laptop I have already installed Splunk enterprise and followed the instruction for monitoring the TCP port. I could create monitor data input but when I search nothing is captured? I have already generated this data in snort and now want to do the same thing in Splunk but it fails? Shall I need to install something further? or need to do a special configuration. I really lost in lots of documentation in Splunk and not sure how to solve this simple problem I appreciated any help Regards, Zeynab
... View more