cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Snapshot report from 2 gb Cisco ASA Firewall logs only showing 8 Apps?

Lassekatten
Copper Contributor

‎Sep 21 2020 09:35 AM

‎Sep 21 2020 09:35 AM

Snapshot report from 2 gb Cisco ASA Firewall logs only showing 8 Apps?

Hi all,

 

I have uploaded 2GB worth of FW logs from a Cisco ASA perimiter FW to create a MCAS snapshot report.

The network architect confirmed the log format is identical to the example one in the MCAS portal - it contains all Teardown TCP records.

Unfortunately the report only finds 8 cloud apps in total, which I seriously doubt is correct. 

Do any of you guys have a clue on what could be causing only 8 apps to show on the snapshot report?

 

Br.

Lars

755 Views
0 Likes
3 Replies
Reply
3 Replies
Caroline_Lee

‎Sep 24 2020 06:30 AM

‎Sep 24 2020 06:30 AM

Re: Snapshot report from 2 gb Cisco ASA Firewall logs only showing 8 Apps?

@Lassekatten Hi, there is a size limit for each log upload (1GB), that could be the reason. Also, do the logs contain any entries outside of the 90 day period?

 

Link to snapshot doc: https://docs.microsoft.com/en-us/cloud-app-security/create-snapshot-cloud-discovery-reports

0 Likes
Reply
Lassekatten

‎Sep 24 2020 07:07 AM

‎Sep 24 2020 07:07 AM

Re: Snapshot report from 2 gb Cisco ASA Firewall logs only showing 8 Apps?

@Caroline_LeeThanks a lot for the reply!

I have cut the log file into 500 mb files and the 2 GB is only from a 24 hour period approximately 2 weeks ago. So unfortunately I do not think that is the issue.

 

Br.

Lars

0 Likes
Reply
Caroline_Lee

‎Sep 24 2020 07:20 AM

‎Sep 24 2020 07:20 AM

Re: Snapshot report from 2 gb Cisco ASA Firewall logs only showing 8 Apps?

@Lassekatten Hi Lars, since you've checked the log format, size and time period there's no reason I can think of as to why you're only seeing 8 apps. I'd recommend opening a support ticket for this issue.

0 Likes
Reply