Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Cisco Firewall Add-On

johndursplk
Engager
‎06-11-2010 01:40 PM

I downloaded and installed the Cisco Firewall Add-On and it properly renamed the sourcetype of my ASA, FWSM and PIX firewall events to cisco_firewall. The problem is when I open the real time firewall dashboard, it works great for about 30 sec. and then all the pie charts disappear as well as the firewall-accept firewall-deny, and firewall-teardown sections on the bar graph at the top of the chart. Also, the Cisco firewall overview doesn't bring up anything. Any help would be appreciated. Thank you.

-John

Tags (2)
Reply

johndursplk
Engager
‎06-17-2010 12:06 PM

IE 7, I've also tried it on the newest version of Firefox with the same results..

0 Karma
Reply

hulahoop
Splunk Employee
Splunk Employee
‎06-11-2010 06:44 PM

John, what browser and version are you using?

0 Karma
Reply

Lowell
Super Champion
‎06-11-2010 06:11 PM

I'm not familiar with the Cisco Firewall add on, so this is pretty general advice...

Have you attempted to manually run any of the searches used by the various views? Often if you dissect the search you can track down the root issue. You may want to start with just the very core search command (which is the part of the search before the first pipe (|) character) and make sure that is returning events. If it is not, then figure that out first. If you are getting events, then try rebuilding the search adding one search command at a time until you figure out at which point the problem is occurring.

If you can find a more specific reason (or eliminate possible reasons) as to why you are having this problem, you can add additional details to you question here (use the "edit" link under your question) and hopefully someone here can point you in the right direction.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Can’t Make It to Boston? Stream .conf25 and Learn with Haya Husain

Boston may be buzzing this September with Splunk University and .conf25, but you don’t have to pack a bag to ...

Splunk Lantern’s Guide to The Most Popular .conf25 Sessions

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Unlock What’s Next: The Splunk Cloud Platform at .conf25

In just a few days, Boston will be buzzing as the Splunk team and thousands of community members come together ...