You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the sc4s documentation cisco:wsa:l4tm is listed as a usable sourcetype. Splunk Docs also describe it: "to collect data for access logs, W3C logs, and L4TM logs for the Cisco Web Security Appliance, you must use Splunk Connect for Syslog."
In Cisco product documentation "Traffic Monitor Logs | Records sites added to the L4TM block and allow lists. | No | Yes" is listed as "Supports Syslog Push?" -> "No"
On recent v14.5.1-008 there is still no option to send l4tm logs using syslog:
can anybody help to clarify if this is a double documentation bug or any hints how to ingest cisco:wsa:l4tm using syslog?
Thanks for all in advance!
Andreas
The text was updated successfully, but these errors were encountered:
just to clarify, in Splunk docs it's stated that you can ingest Traffic Monitor Logs (cisco:wsa:l4tm) using syslog. The Vendor (Cisco) documents that this is not possible. I also try to show in the screenshot that ciscos documenation is right.
My question is: is this is an mistake in your documentation? How do you ensure that sourcestypes listed below "known vendors" are really working?
Hi all,
In the sc4s documentation cisco:wsa:l4tm is listed as a usable sourcetype. Splunk Docs also describe it: "to collect data for access logs, W3C logs, and L4TM logs for the Cisco Web Security Appliance, you must use Splunk Connect for Syslog."
In Cisco product documentation "Traffic Monitor Logs | Records sites added to the L4TM block and allow lists. | No | Yes" is listed as "Supports Syslog Push?" -> "No"
On recent v14.5.1-008 there is still no option to send l4tm logs using syslog:
can anybody help to clarify if this is a double documentation bug or any hints how to ingest cisco:wsa:l4tm using syslog?
Thanks for all in advance!
Andreas
The text was updated successfully, but these errors were encountered: