Cisco ASA FWSM Field Extractions

Thanks For Downloading!

Review the documentation below and follow any custom installation steps. If no install steps are listed, most Splunk Apps and Add-ons can be installed as follows:

Windows: Decompress the downloaded file using a tool like 7-Zip and place the resulting folder into %PROGRAMFILES%\Splunk\etc\apps. Then restart Splunk using the splunk restart command or the GUI.

Unix/Linux: Decompress the downloaded file using a tool like tar -xvf and place the resulting folder into $SPLUNK_HOME/etc/apps. Then restart Splunk using the splunk restart command or the GUI.

Description

I fully normalized a lot of the events common events from FWSM and Cisco ASA events.

Versions and Release Notes

Version 1.0 (current version - updated May 02, 2011)

asa fwsm

posted 03 May '11, 02:19

dps
120●1
accept rate: 0%

new version 02 May '11, 19:19

One Review:

1 review, 0 ratings, average 0.0

oldest newest

nice start but useless if you have named configs like

Oct 7 14:56:55 local4.info 10.150.150.1 %FWSM-6-302013: Built inbound TCP connection 145793691584396543 for HGR-FWSM-INF-Context1:hst-12.1.51.3/56953 (hst-12.1.51.3/56953) to HGRRR-FWSM<>ASA:142.66.17.5/443 (142.66.17.5//443)

comments (0)

reviewed 07 Oct '11, 06:07

Starlette
463●2●3●27
accept rate: 9%

Your review

Did you find this app useful?

Preview toggle preview

Price:	Free
Author:	dps
Version:	1.0
Splunk compatibility:	4.3, 4.2, 4.1, 4.x, 5.x
Updated:	May 02, 2011
License:	Creative Commons BY 3.0
This app is not covered by any support agreements in place with Splunk. If you have questions about the installation or operation of this app, please contact the author.

Download App

Follow this app

Direct link:

Email:

RSS:

Reviews

Reviews + Comments

Related Apps

see all »