01-14-2019 01:53 AM
Dear cisco team,
Our company is going to implement Cisco CDA feautre along with Cisco ISE. I wanted to ask , since CDA is a separate application and requires a dedicated server, does it has its own syslogs that can be forwarded to IBM QRadar to monitor unusual activities?
I know CDA can take logs of other devices and forward it to a target logging server. But does it has its own logs?
Also, will tenable Nessus be bale to scan the CDA application for vulnerabilities? is it possible?
01-14-2019 03:40 AM
As per the documentation it has support to send external log Server also own the logs, Once the Logs can export outside, any SIEM can able to identify based on the support and availability.
01-14-2019 03:46 AM
there is no automated mechanism for sending these live logs to a target server?
Like in cisco ISE we define the target logging server and it will send the logs to it.
these live logs will have to be exported like in excel or such and then manually imported in any SIEM?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide