cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Not able to integrate on premise cisco ASA

Anurag65
Copper Contributor

‎Jan 23 2020 04:47 AM

‎Jan 23 2020 04:47 AM

Not able to integrate on premise cisco ASA

We are trying to integrate on premise cisco ASA with sentinel via syslog server. We have checked we are receiving the syslog server authentication logs on sentinel but not ASA logs. We have checked while running tcp dump command cisco ASA is forwarding the logs to syslog server but we are not receiving on the sentinel.

Please find the attached SS as well

While running the troubleshooting command we are receiving the below error

could not locate cef message in tcp dump

also a warning message logs you send is comply with RFC 5424sentinal error.JPG

1,498 Views
0 Likes
2 Replies
Reply
2 Replies
CliveWatson

‎Jan 25 2020 07:52 AM

‎Jan 25 2020 07:52 AM

Re: Not able to integrate on premise cisco ASA

Are you using the Sentinel - Data Connector for Cisco ASA? Also have you checked the port? https://docs.microsoft.com/en-gb/azure/sentinel/connect-cisco#step-2-forward-cisco-asa-logs-to-the-s...
0 Likes
Reply
AppropriateTangerine

‎Apr 21 2020 03:06 PM

‎Apr 21 2020 03:06 PM

Re: Not able to integrate on premise cisco ASA

@Anurag65 

Hi I'm having the same issue, did you resolve this?

0 Likes
Reply