Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
147
Views
0
Helpful
0
Comments

Cisco Cloud Security Add-on for Splunk [1.0.39] is Released

The API Guy
Cisco Employee
Cisco Employee

on ‎03-10-2025 09:12 PM

You can use the Cisco Cloud Security Add-on for Splunk to bring Secure Access and/or Umbrella logs into Splunk from AWS S3 (from either your own bucket or from a Cisco Managed bucket).

Build 1.0.39 brings:

  • v10 schema log fields for the DNS, RAVPN, ZTNA, proxy, firewall, intrusion, and DLP logs.
  • Updated data models:
    • Changed the priority to 1 for the intrusion, firewall, and proxy logs.
    • Added the session data for the RAVPN log.
    • Added the authentication data for the ZTNA log.
    • Applied fixes for the intrusion and ZTNA models.

Please see the following link for installation and configuration guidance. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents