Pre-requisites

Linux Netfilter (iptables) technology add-on

Since release 3.2.0, the application relies on the following high-quality add-on:

As such, please refer to that add-on's documentation for every step related to the indexing configuration in Splunk:

By default, the application uses the following global search query to retrieve the iptables events::

    (index=* eventtype=linux_netfilter)

However, this query is easily customizable via the application's settings page (available at first startup or in the "Help & Settings" menu).