Splunk Enterprise Security

Unable to access the Splunk Add-on for Cisco ASA content

adamblock1
Explorer

I recently downloaded the Splunk Add-on for Cisco ASA 3.0.0. When saved, the filename is "splunk-add-on-for-cisco-asa_300.tar". When I look at the file properties, size=48.3KB, size on disk=52.0KB.

When I attempt to open this with Winzip, I receive the message (error) "Error reading header after processing 0 entries".

I am interested in installing this add-on on my deployment server, but due to the error, I am not exactly sure how to do this. Assistance would be appreciated.

0 Karma
1 Solution

jcoates_splunk
Splunk Employee
Splunk Employee

hi, winzip should handle it if you change the extension from .tar to .tgz.

Alternatively, you can install it into a Splunk server by using Manage Apps -> Install from file.

View solution in original post

0 Karma

jcoates_splunk
Splunk Employee
Splunk Employee

hi, winzip should handle it if you change the extension from .tar to .tgz.

Alternatively, you can install it into a Splunk server by using Manage Apps -> Install from file.

View solution in original post

0 Karma

jcoates_splunk
Splunk Employee
Splunk Employee

If you update Cisco Security Suite as well, then that should work.

0 Karma

adamblock1
Explorer

I currently have Splunk for Cisco Firewalls 2.0 (TA-Cisco) installed on the indexers and search head. Can this be disabled, and the Add-on for Cisco ASA used in its place?

Thank you.

0 Karma

adamblock1
Explorer

Thank you.

0 Karma
.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!