Provides access to packet captures on EndaceProbes related to log events displayed in Splunk. For NetOp or SecOp users this allows a rapid, seamless pivot from logs to packets, accelerating incident investigation and resolution.
This is the first release of the Endace Fusion Connector. The following known issues exist in this release:
• It is possible to specify an empty filename for individual rotation file downloads, which will result in a file with only a file extension for a filename. • Selecting a time range that has had data rotated, but for which metadata still exists, will return search results for data you can’t download. • Entering an existing user name on the setup screen (for example when changing a password) will result in an error. The workaround is to open the "endace/local/app.conf" file on the Splunk Server and delete the line associated with the user. • The compatibility mode in IE9 causes issues when executing a flow search. We recommend the customer turns off compatibility mode when using the Endace Fusion Connector, or uses another internet browser.