We are happy to announce the release of new versions of the Cisco Cloud Security Add-on and App for Splunk. The Add-on and App support both Secure Access and Umbrella.
What are They?
Customers who use Secure Access and Splunk can use the-
- Cisco Cloud Security Add-on for Splunk to bring their logged events into Splunk from AWS S3 (from either a customer or a Cisco Managed bucket).
- Cisco Cloud Security App for Splunk to display KPIs, which are presented in multiple dashboard panels, as well as investigate events, (using Investigate), and mitigate risks (using destination lists). The App also provides reports and management features.
What’s new?
Cisco Cloud Security Add-on for Splunk (build 1.0.40)
- Added v11 schema log fields as well as ZTNA Flow Logs.
- Removed the S3 file information from events and instead added it to the index (which provides a performance improvement).
- Removed the need to restart the Add-on after updates/installation (especially helpful for Splunk Cloud customers).
Cisco Cloud Security App for Splunk (build 1.0.46)
- Added a RAVPN Dashboard.
- Added a ZTNA Dashboard.
- Add a Private Resources Dashboard.
- Added a Private Resources panel with the ability to drill down into resource details.
Where can I get Them?
- You can download both from Splunkbase (links posted above and in our doc links below).
- Documentation:
