
Source types for the Splunk Add-on for Cisco ASA
The Splunk Add-on for Cisco ASA provides the following source types:
Source type | Event type | CIM data models |
---|---|---|
cisco:asa
|
cisco_authentication
|
Authentication |
cisco_authentication_privileged
|
NA | |
cisco_connection
|
Network Traffic | |
cisco_intrusion
|
Intrusion Detection | |
cisco_vpn
|
Network Sessions | |
cisco_vpn_start
|
Network Sessions | |
cisco_vpn_end
|
Network Sessions | |
cisco_asa_network_sessions
|
Network Sessions | |
cisco_asa_audit_change | Change | |
cisco_asa_configuration_change
|
NA | |
cisco_asa_endpoint_processes
|
NA | |
cisco_asa_endpoint_filesystem
|
NA | |
cisco_asa_certificates
|
Certificates | |
cisco_asa_network_resolution
|
NA |
Last modified on 22 July, 2022
PREVIOUS Troubleshoot the Splunk Add-on for Cisco ASA |
NEXT Lookups for the Splunk Add-on for Cisco ASA |
This documentation applies to the following versions of Splunk® Supported Add-ons: released, released
Feedback submitted, thanks!