Steps to generate SPL file:
- Install Splunk in your local machine
- Download the Sophos Central Add-on from Splunkbase
- Copy TA-sophos-central-addon-for-splunk directory to splunk/etc/apps/ directory
- Restart Splunk.
- After installing the Splunk, Switch to /splunk/bin directory
- By following command user can generate SPL file :
- MAC/Linux: ./splunk package app your_app_name (TA-sophos-central-addon-for-splunk)
- Windows: splunk package app your_app_name (TA-sophos-central-addon-for-splunk)
- User will get location of spl like this:
- User can install add-on with this SPL file into Splunk, steps are mentioned here: Steps to install Splunk add-on
