I've configured my ASA to send syslog to splunk server installed on centos. I took capture on ASA and I can see packets are leaving the ASA. I took capture on centOS on port 514 and packets are making to the centOS machine as well. For some reason I don't see them on splunk web.
I've created data input for UDP port 514 (all default), Source type (cisco:asa).
I'm really not sure what is the piece of info or config I'm missing here.
I would appreciate your quick help here.
... View more