This app provides CIM compliant field extractions, eventtypes and tags for Cisco ACS events. This does not include any dashboards or views.
This app contains index-time operations for timestamping, linebreaking and host rewriting. These are, however, commented out, and should be reviewed prior to use.
This TA expects a sourcetype of cisco:acs.
This TA can be installed by untarring to the $SPLUNK_HOME/etc/apps directory, uploading via the web interface or by using Deployment Server.
This TA was created and tested with the following versions of Cisco ACS:
1.3: Made changes to event types (thanks to Vlad from Splunk!)
1.5: Changes to field aliases for changes in fieldalias behavior in Splunk 7.2 (thanks to danverandy)
Fixes typo app.conf
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 50GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.