Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Cisco Firewall Add-On

johndursplk
Engager
‎06-11-2010 01:40 PM

I downloaded and installed the Cisco Firewall Add-On and it properly renamed the sourcetype of my ASA, FWSM and PIX firewall events to cisco_firewall. The problem is when I open the real time firewall dashboard, it works great for about 30 sec. and then all the pie charts disappear as well as the firewall-accept firewall-deny, and firewall-teardown sections on the bar graph at the top of the chart. Also, the Cisco firewall overview doesn't bring up anything. Any help would be appreciated. Thank you.

-John

Tags (2)
Reply

johndursplk
Engager
‎06-17-2010 12:06 PM

IE 7, I've also tried it on the newest version of Firefox with the same results..

0 Karma
Reply

hulahoop
Splunk Employee
Splunk Employee
‎06-11-2010 06:44 PM

John, what browser and version are you using?

0 Karma
Reply

Lowell
Super Champion
‎06-11-2010 06:11 PM

I'm not familiar with the Cisco Firewall add on, so this is pretty general advice...

Have you attempted to manually run any of the searches used by the various views? Often if you dissect the search you can track down the root issue. You may want to start with just the very core search command (which is the part of the search before the first pipe (|) character) and make sure that is returning events. If it is not, then figure that out first. If you are getting events, then try rebuilding the search adding one search command at a time until you figure out at which point the problem is occurring.

If you can find a more specific reason (or eliminate possible reasons) as to why you are having this problem, you can add additional details to you question here (use the "edit" link under your question) and hopefully someone here can point you in the right direction.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Take Action Automatically on Splunk Alerts with Red Hat Ansible Automation Platform

 Are you ready to revolutionize your IT operations? As digital transformation accelerates, the demand for ...

Calling All Security Pros: Ready to Race Through Boston?

Hey Splunkers, .conf25 is heading to Boston and we’re kicking things off with something bold, competitive, and ...

Beyond Detection: How Splunk and Cisco Integrated Security Platforms Transform ...

Financial services organizations face an impossible equation: maintain 99.9% uptime for mission-critical ...