Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Cisco Firewall Add-On

johndursplk
Engager
‎06-11-2010 01:40 PM

I downloaded and installed the Cisco Firewall Add-On and it properly renamed the sourcetype of my ASA, FWSM and PIX firewall events to cisco_firewall. The problem is when I open the real time firewall dashboard, it works great for about 30 sec. and then all the pie charts disappear as well as the firewall-accept firewall-deny, and firewall-teardown sections on the bar graph at the top of the chart. Also, the Cisco firewall overview doesn't bring up anything. Any help would be appreciated. Thank you.

-John

Tags (2)
Reply

johndursplk
Engager
‎06-17-2010 12:06 PM

IE 7, I've also tried it on the newest version of Firefox with the same results..

0 Karma
Reply

hulahoop
Splunk Employee
Splunk Employee
‎06-11-2010 06:44 PM

John, what browser and version are you using?

0 Karma
Reply

Lowell
Super Champion
‎06-11-2010 06:11 PM

I'm not familiar with the Cisco Firewall add on, so this is pretty general advice...

Have you attempted to manually run any of the searches used by the various views? Often if you dissect the search you can track down the root issue. You may want to start with just the very core search command (which is the part of the search before the first pipe (|) character) and make sure that is returning events. If it is not, then figure that out first. If you are getting events, then try rebuilding the search adding one search command at a time until you figure out at which point the problem is occurring.

If you can find a more specific reason (or eliminate possible reasons) as to why you are having this problem, you can add additional details to you question here (use the "edit" link under your question) and hopefully someone here can point you in the right direction.

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...