Security Analytics

cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Welcome to the Security Analytics Board!

Please take a look at our Stealthwatch Information Hub and our Stealthwatch Use Cases.

Forum Posts

Consuming Syslog Audit Logs

Hi ThereI have a few ASR55XX/ASR5000 boxes (StarOS) that do not support Netflow or Telemetry flows. They do however generate Syslog entries that provide insight into "who" logged in, "what time" the person logging in, "source ip" of the device used t...

deepagup by Cisco Employee
  • 1043 Views
  • 0 replies
  • 0 Helpful votes

FlowCollector Management Channel Down

Condition:    Type:                                  FlowCollector Management Channel Down    Severity:                           Major Description:                         Details:                              HTTP Authorization Error (HTTP/1.1 401 ...

Resolved! stealthwatch CTA to ISE integration

There is a simple guide to integrate ISE with CTA when using WSA, but it is dependent on logging into a CTA cloud account. This account does not seem to be present when using CTA with SW.How do I set CTA endpoint flags in ISE when using SW?

marklevi by Cisco Employee
  • 1256 Views
  • 3 replies
  • 0 Helpful votes