https://community.splunk.com/t5/Getting-Data-In/Not-able-to-see-the-syslogs-of-ASA-on-Splunk-Web/m-p/356067#M65033 <P>Hi All,</P> <P>I've configured my ASA to send syslog to splunk server installed on centos. I took capture on ASA and I can see packets are leaving the ASA. I took capture on centOS on port 514 and packets are making to the centOS machine as well. For some reason I don't see them on splunk web.</P> <P>I've created data input for UDP port 514 (all default), Source type (cisco:asa). </P> <P>I'm really not sure what is the piece of info or config I'm missing here. </P> <P>I would appreciate your quick help here.</P> <P>Regards,<BR /> Dv</P> Wed, 08 Nov 2017 18:05:07 GMT dineshverma 2017-11-08T18:05:07Z https://community.splunk.com/t5/Getting-Data-In/Not-able-to-see-the-syslogs-of-ASA-on-Splunk-Web/m-p/356067#M65033 <P>Hi All,</P> <P>I've configured my ASA to send syslog to splunk server installed on centos. I took capture on ASA and I can see packets are leaving the ASA. I took capture on centOS on port 514 and packets are making to the centOS machine as well. For some reason I don't see them on splunk web.</P> <P>I've created data input for UDP port 514 (all default), Source type (cisco:asa). </P> <P>I'm really not sure what is the piece of info or config I'm missing here. </P> <P>I would appreciate your quick help here.</P> <P>Regards,<BR /> Dv</P> Wed, 08 Nov 2017 18:05:07 GMT https://community.splunk.com/t5/Getting-Data-In/Not-able-to-see-the-syslogs-of-ASA-on-Splunk-Web/m-p/356067#M65033 dineshverma 2017-11-08T18:05:07Z https://community.splunk.com/t5/Getting-Data-In/Not-able-to-see-the-syslogs-of-ASA-on-Splunk-Web/m-p/356068#M65034 <P>What are you using to capture the syslog packets on the linux box? syslogd, rsyslog, syslog-ng, or splunk?</P> Wed, 08 Nov 2017 20:01:26 GMT https://community.splunk.com/t5/Getting-Data-In/Not-able-to-see-the-syslogs-of-ASA-on-Splunk-Web/m-p/356068#M65034 xavierashe 2017-11-08T20:01:26Z https://community.splunk.com/t5/Getting-Data-In/Not-able-to-see-the-syslogs-of-ASA-on-Splunk-Web/m-p/356069#M65035 <P>Are you looking to get data from your firewall for security events? If this is the case, you will need to install the Splunk for Cisco Security App which will provide a dashboard that contains Security Event Statistics, as well as being able to look at a Firewall Overview or Event Search.</P> Wed, 08 Nov 2017 20:44:06 GMT https://community.splunk.com/t5/Getting-Data-In/Not-able-to-see-the-syslogs-of-ASA-on-Splunk-Web/m-p/356069#M65035 molinarf 2017-11-08T20:44:06Z