Hi, I just installed cisco_firewall_addon for version 4.1 of splunk and I am having some issues. I have an ASA and a FWSM that I want to be recognized as a cisco_firewall sourcetype. The ASA is correctly recognized, but the FWSM is still categorized as cisco_syslog. I already went into the cisco_firewall_addon app config and changed it from %ASA OR %PIX to %ASA OR %PIX OR %FWSM and restarted, but that didn't resolve the issue. How do I change the FWSM to be recognized as cisco_firewall?
... View more