Hi,    Splunk has recently released an update to the app and add-on which may solve your issues:   Cisco eStreamer eNcore Add-on for Splunk: https://splunkbase.splunk.com/app/3662/   Cisco Firepower eNcore App for Splunk: https://splunkbase.splunk.co...