TheCisco ACI Add-onforSplunk Enterprise provides these source types:
cisco:apic:health
cisco:apic:stats
cisco:apic:class
cisco:apic:authentication
And is Common Information Model (CIM) 4...
...ocation
-I have tried indexing it to the default index as well as the IIS index.
2) CiscoAdd-OnforSplunk Enterprise (TA-cisco_ios)
-App is configured according to the documentation. -The...
Hello, I was wondering where should I click to access this: /etc/system/default I need to edit https://docs.splunk.com/Documentation/Splunk/latest/Data/A...
I'm new to our environment here. Splunk is logging events from our Cisco ASA as a sourcetype of access_combined (see image). Is there a way to easily change that back to the original pre-trained sourcetyp...
All,
I am pulling logs to Splunk from Cisco Voice Servers, specifically Peripheral Gateways and Roggers. These logs are not in plain text onthe server. In order to view them normally, I would h...
I saw that http://apps.splunk.com/app/533/ Cisco ESA is deprecated, however, what add-on replaces it in theCisco Enterprise Security Suite? I'm only seeing ISE, WSA, and ASA
Hi, I am struggling with the configuration pxGrid onSplunkfor Rapid Threat Containment with ISE. I just installed a new instance of Splunk Enterprise 8.2.6 with CiscoISEadd-on module 4.1.0. P...
As part of performance analysis, we are asked to do sourcetypes and regex analysis. The first step I wanted to see is how I can map a sourcetype to an add-on/app/TA?
We have got around 2000 sourcetypes...
...nto a specific log file, depending onthe contents of the received message. This in effect should allow splunkers to identify which log file holds Cisco ASA events, and which log file holds CheckPoint e...