Splunk Team,
I'm looking for log management/application profiling from Cisco ASA Firewall.
On Firewall, syslog-udp/514 is enabled towards splunk server whereas Syslog id - 106100 is disabled for all firewall policies.
Currently, threat-detection is also disabled.
What do I need to get application profiling ( like total hits per ACL) working.
Thanks
~rk
... View more