In the dashboard - Cisco Nexus 1000v our VMWare ESXi with VEM are listed twice, once with IP-Address and once with FQDN. The latter is in error status, whereas the ip-address listed has a " green" status.Anybody a clue why Cisco VSUM is not able...
Ok, the Splunk server (7.1.1) is receiving the messages from the Snort UTD.
like this in the event description:
Jul 17 16:35:14 10.135.0.24 2018/07/17-18:35:14.513038 CEST [**] [Instance_ID: 1] [**] Alert [**] [1:27964:5] MALWARE-CNC Win.Trojan.Gh0st...
Hi,
Is the logging to Splunk and update server vrf "aware"?
Our Splunk server is reachable via the Management Interface of our ISR 443, but that interface is configured with vrf. The "utd engine standard", "loggin server X.X.X.X" is not accepting a...
