Security Analytics

December 2: Central Log Management using Cisco Security Analytics and Logging 8am-9:30am PT Cisco Security Analytics and Logging is Cisco’s Central Log Management solution for Network Operations and Security Outcomes. It is delivered both as a cloud ...

I'm trying to resolve an issue related to a Configuration failure for SMC. What are the possible solutions for below issue? {"successful":false,"details":"exit code: 1ElementIDs without results: aide, auditLogDestination, configBackup, dns, dnsCache,...

November 18: Multicloud security posture and threat management with Stealthwatch Cloud 8am-9:30am PT Cisco Stealthwatch Cloud provides visibility, compliance, threat detection and investigation capabilities across on-premises and cloud environments. ...

Hi Team, Is there any document that can help to understand how cisco stealthwatch integrates with threatconnect (SOAR solution - now a part of RSA)?  RegardsRajesh

Good Day I recently enabled syslogs from a bluecoat proxy into Stealthwatch.I can see some URL data for users so on the surface it does seem good.I did notice in the log file though some errors. FC01:~# tail -f /lancope/var/sw-flow-proxyparser/logs/s...

Things appeared to go sideways yesterday (02/10) with regard to the data in the SLIC feed - as we received 40+ alerts of C&C activity as users were browsing to www.google.com - the destination IPs were what is expected for Google The destination C&C ...

Hi Team,I have installed Host Classifier application v1.0.13 on SMC v7.0.3, but it is not populating any data on App dashboard as it could not find pre-defined host groups. Does this app needs manual creation of host groups. Thanks.

(this might mean that someone trying to fool you or steal any info you send to the server)the above message appeared on the client side when using FTD decrypt-resigned, is there any one can help solving that issue . 

I just inherited Stealthwatch 6.10.5 all on VM which includes one of each of the following: smc, flow, udp.  I now need to renew/update the existing certificates that were installed.  I have renewed the existing certificates and have all three in a ....

Hello everyone, I understand that FlowSensor can provide "additional security context" by enabling the "Export HTTP(S) Header Data", "Export Packet Payload" and "Enable VXLAN Decapsulation". 1) Does that mean all the Stealthwatch Default Application ...

My ASA has numerous site to site VPNs connected to it.  I am trying to log the connections made from the inside network to remote VPN site subnets.  ACLs, as typical are bypassed for site to site vpns, so creating ACLs with logging preference are not...