Hello,
I've setup a new Splunk server to demo here and i'm pretty new to the whole Splunk scene. i'm trying to add some of my cisco devices and I've installed the Cisco Security Suite with the Firewall part enabled. however none of the logs/data is being populated inside the app.
When i search for ASA i see a bunch (10k+) of hits for my firewall. i read through the documentation but that doesn't seem to help.
I've enabled data collection on the Splunk server via add data > TCP port > 514.
any help?
... View more