Splunk Add-on for Cisco ASA

The Splunk Add-on for Cisco ASA allows a Splunk software administrator to map Cisco ASA devices events to the Splunk CIM. You can then use the data with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance. The Splunk Add-on for Cisco ASA 5.2.0 introduces the following field changes. 1. Improved performance of the search-time mapping of "src" field 2. Support the latest version of Cisco ASA v9.20(2) 3. Support the newest version of CIM v5.3.2 4. Introduced a built-in dashboard to give insights of the Add-On: -Add-on version installed -Total number of Cisco ASA events ingested in Splunk -Time-series graph of the Cisco ASA events ingested in Splunk -Number of events ingested in respective of index and source -Top 10 message IDs -Trends of events by index -CIM supported events

Built by Splunk LLC

Latest Version 5.2.0

May 29, 2024

Compatibility

Not Available

Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2

CIM Version: 5.x, 4.x

Rating

0

(0)

Log in to rate this app

Support

Splunk Supported addon

Learn more

Ranking

#10

in Security, Fraud & Compliance

#12

in IT Operations

The Splunk Add-on for Cisco ASA allows a Splunk software administrator to map Cisco ASA devices events to the Splunk CIM. You can then use the data with other Splunk apps, such as Splunk Enterprise Security and the Splunk App for PCI Compliance. The Splunk Add-on for Cisco ASA 5.2.0 introduces the following field changes. 1. Improved performance of the search-time mapping of "src" field 2. Support the latest version of Cisco ASA v9.20(2) 3. Support the newest version of CIM v5.3.2 4. Introduced a built-in dashboard to give insights of the Add-On: -Add-on version installed -Total number of Cisco ASA events ingested in Splunk -Time-series graph of the Cisco ASA events ingested in Splunk -Number of events ingested in respective of index and source -Top 10 message IDs -Trends of events by index -CIM supported events