all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Cisco ASA | SIEM Log filtering Best Practice

Add to bookmarks
Nov. 28, 2023, 11:26 a.m. | /u/angelopvtza

cybersecurity www.reddit.com

Hey all you SIEM and SecDevOPs Engineers.

Currently having major ingestion issues with Events logged from CISCO ASA.The problem: Even with filtering limited to Notification L5 events we accidently ingested 600M+ logs into Azure Sentinel via the CEF via AMA data-connector with the stream set to Microsoft-Ciscoasa

We need to drastically reduce the amount of logs coming in, however we're struggling to find resources/guides on best practice for event logging.

If there is a Cisco expert out there, can someone …

ama asa azure azure sentinel best practice cisco cisco asa connector cybersecurity data engineers events hey log logs major microsoft notification practice problem secdevops sentinel siem stream

Visit resource

More from www.reddit.com / cybersecurity

Got a job as a Information Security Engineer; any book recs? 11 hours ago | www.reddit.com
book books ccsp certification +13
Any CCISO holders that can offer insight into the exam? 13 hours ago | www.reddit.com
admin can compliance council +18
Penetration testing report 13 hours ago | www.reddit.com
app cybersecurity penetration penetration testing +2
UCF wins the National Collegiate Cyber Defense Competition 14 hours ago | www.reddit.com
competition cyber cyber defense cybersecurity +4
Composition of roles in a security team 16 hours ago | www.reddit.com
cybersecurity endpoint grc interest +12
What are your top 5 questions to ask before hiring a Managed Security Service Provider … 18 hours ago | www.reddit.com
alignment ask capabilities communication +22
How much knowledge do you guys know about the industry that you work in? 19 hours ago | www.reddit.com
banking cybersecurity etc gas +8
Cisco reveals zero-day attacks used by hackers to attack government networks in major threat campaign 21 hours ago | www.reddit.com
attack attacks campaign cisco +7
Any Fortune 100 company go all in on Microsoft E5 Security Suite? 1 day, 7 hours ago | www.reddit.com
all in cybersecurity defender defenders +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Principal Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com

Security Engineer- Systems Integration

@ Meta | Bellevue, WA | Menlo Park, CA | New York City
View on infosec-jobs.com

Lead Security Engineer (Digital Forensic and IR Analyst)

@ Blue Yonder | Hyderabad
View on infosec-jobs.com

Senior Principal IAM Engineering Program Manager Cybersecurity

@ Providence | Redmond, WA, United States
View on infosec-jobs.com

Information Security Analyst II or III

@ Entergy | The Woodlands, Texas, United States
View on infosec-jobs.com
View more jobs