Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk for Cisco ASA not show Data

edroche
New Member
‎02-22-2013 02:34 PM

Installed Splunk for ASA, install Google Maps, Sideview Utilities and TA-cisco_asa. I have confirmed that log from my ASA 5510 are being indexed. What should I be looking at? I am new to Splunk and would really like to get this working. Any thoughts or ideas are appreciated.

Thanks
Ed

Tags (3)
0 Karma
Reply

jcoates_splunk
Splunk Employee
Splunk Employee
‎10-04-2014 03:08 PM

in the interest of posting something on an old topic... here's how this works:

1) you feed the data into a splunk index (Splunk > Add Data > open a network listener where Cisco or syslog is sending stuff, or start looking at a directory where a syslog server is writing files)

2) at that point you can search the data using Splunk's search language, or try out a prebuilt app that expects this kind of data.

3) You can also try using an add-on that models the data to the Splunk Common Information Model app, which lets you use Search -> Pivot to easily build searches or see the data in apps built for CIM.

0 Karma
Reply

clucca3
New Member
‎06-03-2016 06:52 AM

I downvoted this post because does not address my specific question

0 Karma
Reply
Get Updates on the Splunk Community!

AI for AppInspect

We’re excited to announce two new updates to AppInspect designed to save you time and make the app approval ...

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Overview Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...