All Apps and Add-ons

Missing field from Splunk for Cisco Identity Services (ISE) logs: AllowedProtocolMatchedRule.

TitanAE
New Member

I have a feeling this question will answer a lot of other questions I have.

This field - AllowedProtocolMatchedRule - is missing from my Cisco ISE logs. The field is needed to populate data in the Cisco ISE App dashboard. But I have no record of this field, even going back to the beginning of time. I'm not sure how to resolve this problem.

0 Karma

d1nd141
Engager

afaik 3.0p2 (i'm not the admin of ISE)

0 Karma

d1nd141
Engager

Hi,
have the same issue.
You found a way to solve?

Thanks

0 Karma

TitanAE
New Member

I'm also having the same problem. Wish I had an answer for you 😞 What version of ISE are you running.

0 Karma
Get Updates on the Splunk Community!

How to Get Started with Splunk Data Management Pipeline Builders (Edge Processor & ...

If you want to gain full control over your growing data volumes, check out Splunk’s Data Management pipeline ...

Out of the Box to Up And Running - Streamlined Observability for Your Cloud ...

  Tech Talk Streamlined Observability for Your Cloud Environment Register    Out of the Box to Up And Running ...

Splunk Smartness with Brandon Sternfield | Episode 3

Hello and welcome to another episode of "Splunk Smartness," the interview series where we explore the power of ...