Hello,
I am involve a migration of Splunk from Linux to Windows server, and I also need to upgrade it to the latest version 6.4.2. I wanted to know if the existing Cisco Security Suite works on the latest version, and if not, what changes are required to implement the same.
An update to the Cisco Security Suite app (ver 3.1.2) has just been published to SplunkBase:
- This version fixes the compatibility issues previously reported (see change log in release notes: https://splunkbase.splunk.com/app/525/#/overview ).
- The Download of the app has been re-enabled.
An update to the Cisco Security Suite app (ver 3.1.2) has just been published to SplunkBase:
- This version fixes the compatibility issues previously reported (see change log in release notes: https://splunkbase.splunk.com/app/525/#/overview ).
- The Download of the app has been re-enabled.
Hi Neelu123, I have not found anything that does not work with Cisco Security Suite (CSS) 3.1.1 & Splunk Enterprise 6.4.2 in a lab with eventgen data.
Yet an absence of evidence is not evidence of absence, so your milage may vary. If you do find anything not working, please update this thread (CSS is presently community supported).
NB: CSS 3.1.1 does not report fully with the latest technology add-ons for WSA & ISE (CSS was using eventtypes from those TA's that are no longer present and that affects some of the searches & dashboards). I have sent an update of CSS to its owner that removes those dependencies.
Hi
Can you share the Cisco Security Suite for me? I tried look on web but don't have download link
Thanks
Hi Hungham, Cisco Security Suite is community supported. Because it had some compatibility issues with recent improvements to related technology add-ons, it has been temporarily removed from Splunkbase. It will be added back to Splunkbase once its knowledge objects are updated so its dashboards again populate correctly.
Thanks for your answer, i hope can get Cisco Security Suite soon in Splunkbase