Cisco Security Suite 3.0.2 now includes Cisco IronPort Email Security Appliance (ESA) Data

By Jason Conger

The Cisco Security Suite app continues to get updated for Splunk 6.x. The latest addition is support to Cisco IronPort Email Security Appliance (ESA). A new add-on has been published that provides Common Information Model compliant field extractions and tags for data from Cisco ESA. So now, the Cisco Security Suite supports:

Cisco ASA and PIX firewall appliances, the FWSM firewall services module
WSA web security appliance
Cisco IronPort Email Security Appliance (ESA)
Cisco Identity Services Engine (ISE)

Also, with each release, we incorporate more feedback about documentation. So, in addition to documentation found within the Cisco Security Suite app itself, a subset of “getting started” documentation has been published under the Documentation tab on http://apps.splunk.com/app/525/.

Stay tuned, there is more to come…

Jason Conger

Jason Conger is the Partner Field CTO for Splunk, driving innovation and technical alignment with Splunk partners around the globe. With deep expertise in product architecture, integration, and cloud technologies, he helps align the Splunk technical roadmap with partners’ goals to drive innovative solutions that enhance customer success. Jason joined Splunk in 2012 and has fostered partner innovation and practices ranging from Mainframe to Cloud and everything in between.

Security 3 Min Read

Staff Picks for Splunk Security Reading January 2021

These monthly postings will feature the favorite security-centric presentations, white papers and customer case studies from various peeps in the Splunk (or not) security world that WE think everyone should read. If you would like to read other months, please take a peek at previous posts in the "Staff Picks" series!

Security 2 Min Read

Splunk User Behavior Analytics (UBA) 5.4 Delivers FIPS Compliance and Advanced Anomaly Detection

Splunker Fernando Jorge walks us through enhancements and new features in the latest User Behavior Analytics (UBA) product update, version 5.4.0.

Security 1 Min Read

Three Questions For Empowering Security: From Gartner’s Risk and Security Management Summit Europe

Key takeaways from this year's Gartner Risk and Security Management Summit Europe

About Splunk

The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.

Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.