icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading Cisco Bug Search and Analytics
SHA256 checksum (cisco-bug-search-and-analytics_001.tgz) c65ec389782320c9ff8c45c841fc25cc6f6639e05b47b9c7b514307bc395af37
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

Cisco Bug Search and Analytics

Splunk AppInspect Passed
Admins: Please read about Splunk Enterprise 8.0 and the Python 2.7 end-of-life changes and impact on apps and upgradeshere.
This App helps to search and analyze Cisco Bugs. This app takes an CSV export from Cisco Bug Search (https://bst.cloudapps.cisco.com/bugsearch/) and allows to run various analytics on it. It is possible to enrich this data with your own tags and assign bugs to specific product's components. This information helps to make well-considered upgrade and migration decisions.


This App helps to search and analyze Cisco Bugs

This app takes an CSV export from Cisco Bug Search (https://bst.cloudapps.cisco.com/bugsearch/) and allows to run various analytics on it. It is possible to enrich this data with your own tags and assign bugs to specific product's components. This information helps to make well-considered upgrade and migration decisions.

This is a first public release, consider it Beta.



  • Install Splunk Enterprise
  • Login to Cisco Bug Search (https://bst.cloudapps.cisco.com/bugsearch/)
  • Search for your product, do not apply any filters.
  • Export Results to Excel. If you get an error "the list exceeds the maximum of 10,000 results" then apply some filters or exports them in parts (for example first severity 1-3, then 5-6).
  • Open the bugsearch.xls file in Excel and export it in CSV UTF-8 format.
  • Login in Splunk and install this App (click on the dropdown list of apps top left > Manage Apps > Install app from file)
  • Launch this app (select "Cisco Bug Search and Analytics" in the dropdown list top left)
  • Import the CSV file:
    • Setting > Add Data > Upload > Select File > Next
    • Select sourcetype "cisco:bugs:template" from the dropdown list of sourcetypes
    • Check that the parsing is correct (no warnings on the right side pane)
    • Click on "Save As" and type the sourcetype name which MUST start with cisco:bugs:your_product_date, for example cisco:bugs:asa_10.Jan.2020 and click Save
    • Click Next > Next > Review > Submit > Start Searching
    • You can import several CSV for various products and switch between them anytime using the sourcetype dropdown.

Installation/Configuration step by step:

choosing sourcetype 1
choosing sourcetype 2
saving sourcetype

Working with Cisco Bug Search and Analysis App

  • First go to "Searchable Table of Bugs" to check if the CSV import was successfull and all information is parsed correctly. Choose your sourcetype (ex.: cisco:bugs:asa_10.Jan.2020) in the dropdown menu, you have to see a table with several columns: BugId, BUG headline, Symptom, Condition, Workaround, Known Affected Releases, Known Fixed Releases, tag and component. Use filters to find a particular infomation that you need.
  • If you see that the parsing is incorrect, for example some columns are empty, go to "Search" tab and check it manually.
  • Go to Top Bugs to find which BugIds affect most releases. Again, use filters to narrow.
  • You can use Bug Tagging to add your own information, Tags and Components, to the bug information. For example you can split bugs by type (Vulnerability, Performance, etc.) using Tags and by system component (Authentication, Core, Logging, API, Hardware, etc.) using Component. This is a tedious task, especially if you have thousands of bugs, so choose wisely which bugs to tag (relevant and recent only?). Once done, you can use advanced "Bug Analysis" to get more insights. Read below about how to tag.
  • If you plan to migrate or upgrade, use the statistic to estimate the stability of the release you want to deploy, if it contains bugs in system components which you need, etc.
  • If you want to learn about bugs, check if there are in many or only in few releases, which workarounds exist.
  • If you're looking to make your systems more stable, check if there are any components or conditions which are responsible for a large portion of problems. For example disable some non critical component or reducing the load can help avoid some kind of bugs.

How to assign components and tags

  • After you have read description of relevant bugs, you will get idea how to split bugs in different categories, like bugs caused a performance impact, or reducing stability, or vulnerabilities. Use tags to categorize bugs. From the other side you can split bugs by responsible or affected system components of the product, like authentication, logging, some external components/dependencies and so on.
  • Go to "Bug Tagging" and use "add a tag" or "add a component name" to populate a dropdown lists. Just type any keyword like "authentication" in the input field and press tab - the tag or component name will be in the dropdown menu after 10 seconds or less. You don't need to enter all possible tags/components at once, you can add them anytime later.
  • Now select your sourcetype below to display a table of bugs, then click on the BugId which you want to categorize - the BugId will be selected and displayed in the "selected BugId" above. Now assign a tag and a component name and press TAB. Both tag and component are optional, you can assign only a tag and leave a component empty and visa versa. After 10 seconds or less your tag/component will be shown in the table of the bugs.
  • You can assign components and tags to BugIds manually by modified corresponding lookup files directly. They are located in the lookup folder.

Bug tagging step by step:

Type a tag and press TAB, you new tag will appear in the dropdown list shortly.
bug tagging 1
Repeat this step until you've entered all desired tags and component names.
bug tagging 2
Now choose a sourcetype (a list of bugs you imported previously).
select sourcetype
Click on the bug which you want to add tag/component to. The BugId will be selected and shown in the input field.
select a BugId and tagging
Now apply a tag and/or a component name. The table below will be updated shortly and show tag/component in the table.


This app should work with Splunk 7.x/8.x on Windows and Linux platforms.


All what you do with this app is on your own responsibility!

Known issues

This is a first public release, it contains some bugs, but not too many so I need to write a own bug search tool :-)


Improve UI and add some advanced features.



Release Notes

Version 0.0.1
Dec. 15, 2019

First release, consider it Beta


Subscribe Share

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2020 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.