2020年2月13日 星期四

PCAP Analyzer for Splunk

Splunk APP URL

https://splunkbase.splunk.com/app/2748/

GETTING STARTED

https://schwartzdaniel.com/pcap-analyzer-for-splunk-getting-started/



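Install Wireshark to get tshark, the command-line analyzer the app relies on to read capture files, then confirm that it runs:

# dnf install wireshark

# tshark --version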

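Hand the app directory to the splunk account, the same owner and group as every other app in the listing below, so that the app's files are not left owned by root. The dot between owner and group is a legacy GNU spelling; `splunk:splunk` is the portable form.

# chown splunk.splunk -R /opt/splunk/etc/apps/SplunkForPCAP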




[root@centos8 apps]# pwd
/opt/splunk/etc/apps
[root@centos8 apps]# ll
total 0
drwxr-xr-x  7 splunk splunk  79 Feb 14 10:04 alert_logevent
drwxr-xr-x  7 splunk splunk  79 Feb 14 10:04 alert_webhook
drwxr-xr-x  4 splunk splunk  37 Feb 14 10:04 appsbrowser
drwxr-xr-x  6 splunk splunk  68 Feb 14 10:04 gettingstarted
drwxr-xr-x  4 splunk splunk  32 Feb 14 10:04 introspection_generator_addon
drwxr-xr-x  6 splunk splunk  68 Feb 14 10:04 launcher
drwxr-xr-x  5 splunk splunk  50 Feb 14 10:05 learned
drwxr-xr-x  3 splunk splunk  21 Feb 14 10:04 legacy
drwxr-xr-x  6 splunk splunk  66 Feb 14 10:04 sample_app
drwxr-xr-x  9 splunk splunk 109 Feb 14 10:04 search
drwxr-xr-x  6 splunk splunk  64 Feb 14 10:17 splunk_archiver
drwxr-xr-x 11 splunk splunk 179 Feb 14 10:14 SplunkForPCAP
drwxr-xr-x  4 splunk splunk  37 Feb 14 10:04 SplunkForwarder
drwxr-xr-x  7 splunk splunk 130 Feb 14 10:04 splunk_gdi
drwxr-xr-x  3 splunk splunk  21 Feb 14 10:04 splunk_httpinput
drwxr-xr-x  8 splunk splunk  92 Feb 14 10:05 splunk_instrumentation
drwxr-xr-x  4 splunk splunk  37 Feb 14 10:04 SplunkLightForwarder
drwxr-xr-x  8 splunk splunk  96 Feb 14 10:04 splunk_metrics_workspace
drwxr-xr-x 11 splunk splunk 135 Feb 14 10:05 splunk_monitoring_console
drwxr-xr-x  4 splunk splunk  37 Feb 14 10:04 user-prefs
[root@centos8 apps]#