...ocation
-I have tried indexing it to the default index as well as the IIS index.
2) CiscoAdd-OnforSplunk Enterprise (TA-cisco_ios)
-App is configured according to the documentation. -The...
All,
I am pulling logs to Splunk from Cisco Voice Servers, specifically Peripheral Gateways and Roggers. These logs are not in plain text onthe server. In order to view them normally, I would h...
I saw that http://apps.splunk.com/app/533/ Cisco ESA is deprecated, however, what add-on replaces it in theCisco Enterprise Security Suite? I'm only seeing ISE, WSA, and ASA
Hi, I am struggling with the configuration pxGrid onSplunkfor Rapid Threat Containment with ISE. I just installed a new instance of Splunk Enterprise 8.2.6 with CiscoISEadd-on module 4.1.0. P...
Team, Good day! I will need to install CiscoISE in Splunk Phantom. I have the new instance of Splunk Phantom installed, which is great!, but now I need to install CiscoISE. Does anyone h...
Hello, I was wondering where should I click to access this: /etc/system/default I need to edit https://docs.splunk.com/Documentation/Splunk/latest/Data/A...
Hi fellow splunkers,
today I decided to install the following splunkbase TA forCisco IOS in my environment.
https://splunkbase.splunk.com/app/1467/#/details
Without looking into the docs I...
Hi We have CiscoISE that sends log to our Splunk using rsyslog as a receiver for TCP Syslog. Problem are that some of the message from ISE pics up using LLDP information from our switchs and a...
Hi,
I have cisco ASA and ciscoISE syslogs coming to splunkon udp1026 port. I would like to differentiate the sourcetype and index for both.
Cisco ASA logs source type has to be changed as cisco...