The latest Operations Guide states that "eNcore can only currently support one server". And this post on Splunk>answer says that they had to "contact Cisco directly and get the CLI version of estreamer". Are these info still correct with regard to the latest TA-eStreamer version 3.6.8?
Looking into the TA-eStreamer 3.6.8 code a bit, I see that it mandates Python 2.7. With that going away, what is Cisco's plan for Python 3 support?
Attempting to answer my 1st question: The default TA-eStreamer input is basically a Splunk scripted input, calling the bin/splencore.sh script to talk to an FMC. That script has a hard-coded "configFilepath". SO -- as a quick hack, if I make a copy of the "bin/splencore.sh" and modify the "configFilepath", I should be able to create a second scripted input in inputs.conf. Would that be correct? I'm going to give it a try and report back later.