All Apps and Add-ons

Is Cisco Security Suite 3.1.1 supported in Splunk 6.4.2?

neelu123
Explorer

Hello,

I am involve a migration of Splunk from Linux to Windows server, and I also need to upgrade it to the latest version 6.4.2. I wanted to know if the existing Cisco Security Suite works on the latest version, and if not, what changes are required to implement the same.

1 Solution

wahmad_splunk
Splunk Employee
Splunk Employee

An update to the Cisco Security Suite app (ver 3.1.2) has just been published to SplunkBase:
- This version fixes the compatibility issues previously reported (see change log in release notes: https://splunkbase.splunk.com/app/525/#/overview ).
- The Download of the app has been re-enabled.

View solution in original post

wahmad_splunk
Splunk Employee
Splunk Employee

An update to the Cisco Security Suite app (ver 3.1.2) has just been published to SplunkBase:
- This version fixes the compatibility issues previously reported (see change log in release notes: https://splunkbase.splunk.com/app/525/#/overview ).
- The Download of the app has been re-enabled.

bwooden
Splunk Employee
Splunk Employee

Hi Neelu123, I have not found anything that does not work with Cisco Security Suite (CSS) 3.1.1 & Splunk Enterprise 6.4.2 in a lab with eventgen data.
Yet an absence of evidence is not evidence of absence, so your milage may vary. If you do find anything not working, please update this thread (CSS is presently community supported).

NB: CSS 3.1.1 does not report fully with the latest technology add-ons for WSA & ISE (CSS was using eventtypes from those TA's that are no longer present and that affects some of the searches & dashboards). I have sent an update of CSS to its owner that removes those dependencies.

0 Karma

hungpham
Explorer

Hi
Can you share the Cisco Security Suite for me? I tried look on web but don't have download link

Thanks

0 Karma

bwooden
Splunk Employee
Splunk Employee

Hi Hungham, Cisco Security Suite is community supported. Because it had some compatibility issues with recent improvements to related technology add-ons, it has been temporarily removed from Splunkbase. It will be added back to Splunkbase once its knowledge objects are updated so its dashboards again populate correctly.

0 Karma

hungpham
Explorer

Thanks for your answer, i hope can get Cisco Security Suite soon in Splunkbase

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...