I recently downloaded theSplunkAdd-onforCiscoASA 3.0.0. When saved, the filename is "splunk-add-on-for-cisco-asa_300.tar". When I look at the file properties, size=48.3KB, size on disk=52.0KB....
hi, after installing this plugin, i have errors on every search, realted to cisco or not...
Always see this errors:
Could not load lookup=LOOKUP-cisco-asa-action_lookup
Could not load lookup=L...
Greetings. This may be elementary, but I have our CiscoASA 5516 sending logs via a syslog server to Splunk. I configured a basic inputs.conf file to do so.
The logs get into Splunk but the p...
...yslog server and then forward onto SPLUNK. What is the most simple solution? Any guides or links much appreciated.
Thanks,
JSM
DETAILED Cisco Commands applied to ASA:
logging enable
l...
...ithout simply filtering the IPs completely.
Here is an example of one of the events (IP addresses redacted)
Sep 18 14:55:36 XX.XXX.XX.XX %ASA-6-302014: Teardown TCP connection 871094319 for outside-L...
Hi,
I'm trying to get CiscoASA firewall logs into the Enterprise Security app. Is there an add-onfor that, SplunkforCiscoASA, or is it only supported in Cisco Security Suite?
Thanks,
Volto
Hi all! So I am helping the networking team transition their logging to Splunk and last week I discovered theCisco Meraki Add-on. Also discovered that in order to installtheadd-on as well a...
Hi Splunkers,
I have to implement Search Head Clustering (SHC) on my 4 search heads. I have a lot of apps and add-ons installed onone of the search heads which are heavily used and I'm not sure w...
Hi All,
Just getting the community consensus here. CiscoASA log events for Built and Teardown essentially contain the same information
http://www.cisco.com/c/en/us/support/docs/security/a...