Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an App
Cisco Endpoint Security Analytics (CESA) Add-On for Splunk app icon

Cisco Endpoint Security Analytics (CESA) Add-On for Splunk

Use and Cisco TAC support of this Add-On and related App require a purchase of Cisco Endpoint Security Analytics (CESA) endpoint license beginning v2.1.4. Please see the Cisco Supplemental End User License (SEULA) below for details. Under the SEULA, free use is permitted for: a) one 90-day trial/proof of value installation; b) on-going use for installations with 50 or fewer Cisco AnyConnect clients. __________________________________________________________________________________________________________ The Cisco Endpoint Security Analytics (CESA) Add-On for Splunk allows IT administrators to analyze and correlate user and endpoint behavior in Splunk Enterprise. This Add-on provides configuration and collection of data from the Cisco AnyConnect Network Visibility Module IPFIX (nvzFlow) Collector. This module collects additional context such as user, device, application, location and destination for flows both on and off premise. See the Cisco Endpoint Security Analytics (CESA) for Splunk for more information - https://splunkbase.splunk.com/app/2992/#/details

Built by Cisco Systems
splunk product badge
Latest Version 4.0.7
June 25, 2025
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2
CIM Version: 5.x
Rating

0

(0)

Log in to rate this app
Support
Cisco Endpoint Security Analytics (CESA) Add-On for Splunk support icon
Not Supported
Use and Cisco TAC support of this Add-On and related App require a purchase of Cisco Endpoint Security Analytics (CESA) endpoint license beginning v2.1.4. Please see the Cisco Supplemental End User License (SEULA) below for details. Under the SEULA, free use is permitted for: a) one 90-day trial/proof of value installation; b) on-going use for installations with 50 or fewer Cisco AnyConnect clients. __________________________________________________________________________________________________________ The Cisco Endpoint Security Analytics (CESA) Add-On for Splunk allows IT administrators to analyze and correlate user and endpoint behavior in Splunk Enterprise. This Add-on provides configuration and collection of data from the Cisco AnyConnect Network Visibility Module IPFIX (nvzFlow) Collector. This module collects additional context such as user, device, application, location and destination for flows both on and off premise. See the Cisco Endpoint Security Analytics (CESA) for Splunk for more information - https://splunkbase.splunk.com/app/2992/#/details

Categories

Created By

Cisco Systems

Type

addon

Downloads

4,533

Licensing

Splunk Answers

Resources

Login to report this app listing