Hi all! So I am helping the networking team transition their logging to Splunk and last week I discovered the Cisco Meraki Add-on. Also discovered that in order to install the add-on as well a...
Greetings. This may be elementary, but I have our Cisco ASA 5516 sending logs via a syslog server to Splunk. I configured a basic inputs.conf file to do so.
The logs get into Splunk but the p...
Where should the "Cisco AMP for Endpoints CIM Add-On" and the "Cisco AMP for Endpoints Events Input" be installed?
Has anyone used this in a distributed environment, the doco is a bit sketchy in t...
...et of auto-parsed Cisco fields, e.g. x_webcat_code_full, x_wbrs_score, etc. Also, when invoking individual saved reports associated with the dashboard (and installed by the Cisco Add-on), they also r...
Hi Splunkers,
I have to implement Search Head Clustering (SHC) on my 4 search heads. I have a lot of apps and add-ons installed on one of the search heads which are heavily used and I'm not sure w...
I need help coming up with a query that can help create an IDPS/Internet Content Filtering dashboard in Splunk to continuously monitor the web traffic or pull reports when asked.
Is the app (Cisco Secure eStreamer Client Add-On [https://splunkbase.splunk.com/app/3662]) even usable on splunkcloud? I can install it from the "browse more apps" page in the cloud app m...
...etstat -tuna on the Ubuntu Server confirms UDP/514 is not listening. I wanted the SPLUNK server to open that port and "manage" it. I want to keep things as simple as possible and not install another s...
...etwork with a specific IP range? I essentially want for Splunk Enterprise to act as a logger for all traffic that enters the internal network on a certain port, for example. How do I go about it? FYI - I...