This document is intended for Cisco Engineers, Partners and Customers deploying Splunk-for-ISE Add-on & Cisco Identity Service Engine (ISE) 2.4+ (use current recommended release). The reader should be familiar with Splunk and ISE. It is assumed that Splunk Enterprise 7.x+ (8.x preferred) has been installed.
The purpose of this guide is to showcase the 2 applications available in Splunkbase to use with Cisco ISE Syslog. There was an application version before this that used pxGrid 1.0 and EPS (endpoint protection services) to quarantine devices. This functionality has been deprecated by Splunk.
This is the application used to collect and process information from ISE syslog so that it can be used in its queries/consoles, for more detailed information see the information listed under the application link for the configuration, etc
Hi Team, Is there any repository for the SecureX playbooks/workflows? I see the default workflows that are already available ("Submit URL to Threat Grid", "Take Forensic Snapshot", etc), how can I see/access some popular or recommended workflows to g...
Meet the Authors Video - CCIE Security and Practical Applications in Today’s Network: Zero Trust
(Live event – Thursday, 29th, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 6:00 p.m. Paris)
This event had place on Thursday 29th, October 2020 at 10hrs ...
I am looking to utilize LDAPS (secure version of ldap tcp 636) for authentication mechanism on Cisco 9300 switch. When users login via HTTPS/SSH they would use their Microsoft AD account to do so. Is this possible? Currently working on solution and don't ...