Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk for Cisco ASA not show Data

edroche
New Member
‎02-22-2013 02:34 PM

Installed Splunk for ASA, install Google Maps, Sideview Utilities and TA-cisco_asa. I have confirmed that log from my ASA 5510 are being indexed. What should I be looking at? I am new to Splunk and would really like to get this working. Any thoughts or ideas are appreciated.

Thanks
Ed

Tags (3)
0 Karma
Reply

jcoates_splunk
Splunk Employee
Splunk Employee
‎10-04-2014 03:08 PM

in the interest of posting something on an old topic... here's how this works:

1) you feed the data into a splunk index (Splunk > Add Data > open a network listener where Cisco or syslog is sending stuff, or start looking at a directory where a syslog server is writing files)

2) at that point you can search the data using Splunk's search language, or try out a prebuilt app that expects this kind of data.

3) You can also try using an add-on that models the data to the Splunk Common Information Model app, which lets you use Search -> Pivot to easily build searches or see the data in apps built for CIM.

0 Karma
Reply

clucca3
New Member
‎06-03-2016 06:52 AM

I downvoted this post because does not address my specific question

0 Karma
Reply
Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...