All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to set up the Splunk Add-on for Cisco ASA on a Windows server?

ntdung
New Member
‎11-21-2014 09:31 AM

Dear all,
I'm a newbie:)
Is there anybody that can help run me through the step by step process to set up the Splunk Add-on for Cisco ASA on a Windows Server?

Many thanks!

0 Karma
Reply

jcoates_splunk
Splunk Employee
Splunk Employee
‎02-16-2015 09:38 AM

Hi, the key to understanding this is that the ASA add-on doesn't gather data, it models it. You need to configure Splunk to receive the data and set a sourcetype that tells the knowledge mapping in the Addon to apply.

If your devices are already configured to write logs into a syslog server, you can just monitor the directory. If you are starting from scratch, you can have the devices send syslog straight to Splunk by adding a network input.

0 Karma
Reply

demonio316
New Member
‎04-30-2015 11:56 AM

You did NOT answer his question.

0 Karma
Reply

jcoates_splunk
Splunk Employee
Splunk Employee
‎04-30-2015 03:50 PM

Hi, that's a good reason to use the down-vote button to the left of my answer.

Reply

dgahagan
New Member
‎12-04-2014 06:36 AM

Would be interested in this as well. I HAD it working but upgraded to v3.1.0 of the Splunk TA Add-on for cisco ASA and that broke everything.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Enterprise Security 8.0.2 Availability: On cloud and On-premise!

A few months ago, we released Splunk Enterprise Security 8.0 for our cloud customers. Today, we are excited to ...

Logs to Metrics

Logs and Metrics Logs are generally unstructured text or structured events emitted by applications and written ...

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...