All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Missing field from Splunk for Cisco Identity Services (ISE) logs: AllowedProtocolMatchedRule.

TitanAE
New Member
‎05-20-2020 12:38 PM

I have a feeling this question will answer a lot of other questions I have.

This field - AllowedProtocolMatchedRule - is missing from my Cisco ISE logs. The field is needed to populate data in the Cisco ISE App dashboard. But I have no record of this field, even going back to the beginning of time. I'm not sure how to resolve this problem.

0 Karma
Reply

d1nd141
Engager
‎11-29-2021 11:59 AM

afaik 3.0p2 (i'm not the admin of ISE)

0 Karma
Reply

d1nd141
Engager
‎11-23-2021 12:26 AM

Hi,
have the same issue.
You found a way to solve?

Thanks

0 Karma
Reply

TitanAE
New Member
‎05-20-2020 01:23 PM

I'm also having the same problem. Wish I had an answer for you 😞 What version of ISE are you running.

0 Karma
Reply
Get Updates on the Splunk Community!

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...