Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Cisco Security Cloud

FQzy
Explorer
‎09-10-2024 08:57 AM

Hi guys,

Is there any documentation available out there to setup the Cisco Security Cloud app?

Specific requirements, "failed to create an input" and similar errors etc.

Qzy

Labels (1)
Labels
Reply

Mitesh_Gajjar
Explorer
‎09-11-2024 10:17 PM

@FQzy  

You can check the _internal logs to find the specific error related to "failed to create input" in the app by using the following search query: index=_internal source=*cisco*. You can also filter the logs by setting the log level to "error." For troubleshooting any add-ons, refer to the "Troubleshoot Add-ons" document available in the Splunk Documentation. Troubleshoot add-ons - Splunk Documentation.

You can provide internal error to developer team for future investigation.

Also, @PickleRick response was not generated using any AI. 

0 Karma
Reply

FQzy
Explorer
‎09-14-2024 03:36 AM

Thanks Mitesh,

 

The "failed to create input" was because I already had one the same from previous testing!

The rest of the app is still a mystery to me, I have emailed Cisco but no reply

 

Thanks again FQzy

0 Karma
Reply

Mitesh_Gajjar
Explorer
‎09-11-2024 12:08 AM

Hi @FQzy 

To set up the Cisco Security Cloud app in Splunk, you can find detailed guidance and documentation on the (https://splunkbase.splunk.com/app/7404).

### Key Steps for Setup:
1. Download and Install: You can download the Cisco Security Cloud app from Splunkbase. Make sure to follow the specific instructions for installation, which include compatibility checks and required add-ons.
2. Configure Data Inputs: The app requires the configuration of several data inputs based on your Cisco security products (e.g., Firewalls, Intrusion Protection, Web Security, etc.). The documentation provides step-by-step guidance for each type.
3. Troubleshooting Common Errors: For issues like "failed to create an input," ensure that all prerequisites (like appropriate permissions and network settings) are met. You may need to consult the app's [Splunkbase page](https://splunkbase.splunk.com/app/5558) for specific troubleshooting tips.

If you run into errors or specific issues during setup, it might also be helpful to check the community discussions and resources available on the Splunk website.

For your reference you can refer this document: https://developer.cisco.com/docs/cloud-security/cloud-security-app-for-splunk/#cloud-security-app-fo...

Reply

FQzy
Explorer
‎09-11-2024 06:33 AM

Thank you Mitesh_Gajjar

Unfortunately, https://splunkbase.splunk.com/app/7404) gives this very useful information:

No information provided.

Reach out to the developer to learn more.

 

The link to the Cisco website is for a different App altogether, so not much further along.

(https://splunkbase.splunk.com/app/5558)  is also a different app

Thanks for your efforts however!

Tags (1)
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎09-11-2024 06:45 AM

1.  @Mitesh_Gajjar 's response looks like generated with some lousy AI tool.

2. Unfortunately, the app is a third-party app so indeed your options are rather limited - either look into the app's contents and try to make sense of what's going on there or write to the email address provided in app's description trying to get more info.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...