Solved: Unable to access the Splunk Add-on for Cisco ASA ...

adamblock1 · ‎04-07-2014

I recently downloaded the Splunk Add-on for Cisco ASA 3.0.0. When saved, the filename is "splunk-add-on-for-cisco-asa_300.tar". When I look at the file properties, size=48.3KB, size on disk=52.0KB.

When I attempt to open this with Winzip, I receive the message (error) "Error reading header after processing 0 entries".

I am interested in installing this add-on on my deployment server, but due to the error, I am not exactly sure how to do this. Assistance would be appreciated.

jcoates_splunk · ‎04-07-2014

hi, winzip should handle it if you change the extension from .tar to .tgz.

Alternatively, you can install it into a Splunk server by using Manage Apps -> Install from file.

View solution in original post

jcoates_splunk · ‎04-07-2014

hi, winzip should handle it if you change the extension from .tar to .tgz.

Alternatively, you can install it into a Splunk server by using Manage Apps -> Install from file.

jcoates_splunk · ‎04-07-2014

If you update Cisco Security Suite as well, then that should work.

adamblock1 · ‎04-07-2014

I currently have Splunk for Cisco Firewalls 2.0 (TA-Cisco) installed on the indexers and search head. Can this be disabled, and the Add-on for Cisco ASA used in its place?

Thank you.

adamblock1 · ‎04-07-2014

Thank you.

Unable to access the Splunk Add-on for Cisco ASA content

Data Preparation Made Easy: SPL2 for Edge Processor

Introducing Edge Processor: Next Gen Data Transformation

Tips & Tricks When Using Ingest Actions