Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Cisco Secure Firewall App for Splunk app icon

Cisco Secure Firewall App for Splunk

****Updates July 15th, 2024*** The current Cisco Secure Firewall app is EOL, and has been replaced by the Cisco Security Cloud -- https://splunkbase.splunk.com/app/7404

splunk product badge
screenshot
screenshot
screenshot
screenshot
screenshot

Latest Version 1.9.1
February 20, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2
CIM Version: 5.x
Rating

0

(0)

Log in to rate this app
Support
Cisco Secure Firewall App for Splunk support icon
Developer Supported app
****Updates July 15th, 2024*** The current Cisco Secure Firewall app is EOL, and has been replaced by the Cisco Security Cloud -- https://splunkbase.splunk.com/app/7404 The Cisco Security Cloud -- https://splunkbase.splunk.com/app/7404 -- provides eStreamer SDK integration which will provide fully qualified event support for IDS, Malware, Connection and IDS Packet. The app is a hybrid TA/App combination that will enable support for connection and management to API and Host endpoints while also provided rich analytics to compliment SOC and monitoring use cases. ************************************ Cisco Secure Firewall App for Splunk presents critical security information from Threat Defense Manager (f.k.a. Firepower Management Center (FMC)) helping analysts focus on high priority security events. The app provides a number of dashboards and tables geared towards making Firepower event analysis productive in the familiar Spunk environment. It is an alternative user interface for some, and a complementary interface for others. Cisco is committed to continuously improving this app based on your direct feedback. Major Features Include - Threat Summary Dashboard - Advanced Impact Event analysis with directionality - Network Event data dashboard with IoCs and Firewall Rule usage (Allow/Block) - Context Explorer with Geo-location Map - Link back from Malware hash to FMC for File Trajectory - Link Back to FMC for Host Profile - Filters for CIDR Blocks and Allow/Block Rule actions TELL US WHAT WILL MAKE THIS APP BETTER FOR YOU! We want your feedback and any feature requests. Please email fp-4-splunk@cisco.com with any requests.

Categories

Created By

Cisco Security

Type

app

Downloads

17,368

Resources

Log in to report this app listing