CCX Add-on for Cisco Identity Services (ISE)

About Us: CyberCX is Australia’s greatest force of cyber security experts. Our highly skilled professional services team operates a 24x7 on-shore security operations centre (SOC) servicing corporate and public sector organisations across Australia and New Zealand, specialising in Security Operations services leveraging Splunk. Description: CCX Security Operations has taken it upon ourselves to update and improve the existing Splunk Add-on for Cisco Identity Services to ensure it is as CIM compliant as possible. This TA was built using a large dataset and endeavours to be the most CIM compliant comprehensive field extraction TA available for Cisco ISE. The Technical Addon is to be used on Search Heads and Splunk Heavy Forwarders. Features: - This TA currently supports logtypes tagged under the following CIM datamodels: Alerts, Authentication, Change, Certificates, Endpoint, Intrusion Detection, Network Session, Network Traffic, and Vulnerabilities. Attribution: CyberCX acknowledges the foundation work done by the Splunk Inc. team to provide this TA.