Hi All,
I have been having issues with getting logs into splunk from our cisco fwsm. When I open up wireshark I can see network traffic coming in but it does not hit any index. To prove this the...
...ocation
-I have tried indexing it to the default index as well as the IIS index.
2) CiscoAdd-OnforSplunk Enterprise (TA-cisco_ios)
-App is configured according to the documentation. -The...
All,
I am pulling logs to Splunk from Cisco Voice Servers, specifically Peripheral Gateways and Roggers. These logs are not in plain text onthe server. In order to view them normally, I would h...
I saw that http://apps.splunk.com/app/533/ Cisco ESA is deprecated, however, what add-on replaces it in theCisco Enterprise Security Suite? I'm only seeing ISE, WSA, and ASA
Hi, I am struggling with the configuration pxGrid onSplunkfor Rapid Threat Containment with ISE. I just installed a new instance of Splunk Enterprise 8.2.6 with CiscoISEadd-on module 4.1.0. P...
Dear community,
After i forwarded the syslog from Cisco ASA into SPLUNK i noticed that the logs are duplicated and this is consuming our license. Any help please ? Thank You
Team, Good day! I will need to install CiscoISE in Splunk Phantom. I have the new instance of Splunk Phantom installed, which is great!, but now I need to install CiscoISE. Does anyone h...
Hello, I was wondering where should I click to access this: /etc/system/default I need to edit https://docs.splunk.com/Documentation/Splunk/latest/Data/A...
Hi We have CiscoISE that sends log to our Splunk using rsyslog as a receiver for TCP Syslog. Problem are that some of the message from ISE pics up using LLDP information from our switchs and a...