SECURITY

Cisco Security Suite 3.0.3 now includes Cisco Sourcefire

The Cisco Security Suite app continues to get updated for Splunk 6.x.  The latest addition is support for Cisco Sourcefire.  Information from your eStreamer server (e.g. Defense Center) is visualized including:

  • Intrusion events
  • Sensor information
  • Policy information
  • Hosts
  • Flow summaries
  • File / Malware events
  • Correlation events

So now, the Cisco Security Suite supports:

  • Cisco ASA and PIX firewall appliances, the FWSM firewall services module
  • WSA web security appliance
  • Cisco IronPort Email Security Appliance (ESA)
  • Cisco Identity Services Engine (ISE)
  • Cisco Sourcefire

Also, with each release, we incorporate more feedback about documentation.  Documentation can be found within the Cisco Security Suite app itself and on the Documentation tab on http://apps.splunk.com/app/525/.

Be sure to check out Splunk Answers as well for community feedback http://answers.splunk.com/apps/22300/related_questions/

Finally, if you want to contribute, check out the Cisco Security Suite repository on GitHub https://github.com/splunk/splunk-app-cisco-security-suite

Stay tuned, there is more to come…

Jason Conger
Posted by

Jason Conger

Join the Discussion