Another case of eStreamer failure after FMC upgrade. This time after upgrade from 6.2.0.2 to 6.2.0.4 it worked for a week and after reboot ceased to send longs to Splunk.The following errors can be seen in the log. firepower SF-IMS[8734]: [20144] Event Streamer:sfestreamer [INFO] Estreamer_Poll – Got Try Again while …
Tag: eStreamer
For the last few days I was working on and off troubleshooting Splunk eStreamer client issue where application (App) was running but no IPS or File/Malware Events were populating panels. Log files under /opt/splunk/etc/apps/eStreamer/log were generated but for some reason App was not pulling them in. Eventually it would fail …