Integrating your Cisco ASA logs into Hunters enables ingestion of the logs, as well as detection, advanced investigation, and correlation over them.
Supported Data Types
Cisco ASA Firewall - Network connection logs generated by Cisco ASA (see more details here).
Hunters Integration
To integrate your Cisco ASA logs into Hunters, the logs need to be collected from your network into a storage service (e.g. an S3 bucket or Azure Blob Storage) shared with Hunters. The logs should be collected via syslog (more details here).
The expected format of the logs is the raw message format as exported by Cisco ASA. The expected timestamp format is %b %d %Y %H:%M:%S, where timestamps are in UTC.
For example:
Cisco ASA Firewall Log Sample
Dec 25 2021 23:59:56 10.1.2.3 : %ASA-6-305011: Built dynamic TCP translation from outside:10.1.2.3/12345(LOCAL\fuser123) to outside:10.2.4.6/54321
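A check that can be run over collected lines before they are written to the shared storage, to catch timestamps that do not match the expected format. This is an added example, not Hunters code; the function names and the line layout regex (device field, severity 0-7, six-digit message ID) are assumptions modelled on the sample line above.

```python
import re
from datetime import datetime, timezone

TS_FORMAT = "%b %d %Y %H:%M:%S"  # timestamp format stated on this page

# <timestamp> <device> : %ASA-<severity>-<message id>: <text>, modelled on the
# page's sample line (assumption: severity 0-7 and a six-digit message id).
LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{4} \d{2}:\d{2}:\d{2}) "
    r"(?P<device>\S+) ?: "
    r"%ASA-(?P<severity>[0-7])-(?P<msg_id>\d{6}): "
    r"(?P<text>.*)$"
)


def parse_asa_line(line):
    """Return the parsed fields of one raw line, or raise ValueError."""
    m = LINE_RE.match(line.strip())
    if m is None:
        raise ValueError("not in '<timestamp> <device> : %ASA-<sev>-<id>: <text>' form")
    fields = m.groupdict()
    # strptime also rejects impossible dates; the page states timestamps are UTC.
    fields["timestamp"] = datetime.strptime(m["ts"], TS_FORMAT).replace(tzinfo=timezone.utc)
    fields["severity"] = int(fields["severity"])
    return fields


def rejected_lines(lines):
    """Return (line number, reason) for every line that fails the check."""
    bad = []
    for n, line in enumerate(lines, start=1):
        try:
            parse_asa_line(line)
        except ValueError as exc:
            bad.append((n, str(exc)))
    return bad


# Line 1 is the page's sample; lines 2-4 are constructed for this example.
SAMPLE_LINES = [
    r"Dec 25 2021 23:59:56 10.1.2.3 : %ASA-6-305011: Built dynamic TCP translation from outside:10.1.2.3/12345(LOCAL\fuser123) to outside:10.2.4.6/54321",
    r"Dec 25 23:59:56 10.1.2.3 : %ASA-6-305011: Built dynamic TCP translation (no year)",
    r"2021-12-25T23:59:56Z 10.1.2.3 : %ASA-6-305011: Built dynamic TCP translation (ISO 8601)",
    r"Feb 30 2021 23:59:56 10.1.2.3 : %ASA-6-305011: Built dynamic TCP translation (bad date)",
]

if __name__ == "__main__":
    for n, reason in rejected_lines(SAMPLE_LINES):
        print(f"line {n}: {reason}")
```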