all InfoSec news
Cisco ASA | SIEM Log filtering Best Practice
Nov. 28, 2023, 11:26 a.m. | /u/angelopvtza
cybersecurity www.reddit.com
Currently having major ingestion issues with Events logged from CISCO ASA.The problem: Even with filtering limited to Notification L5 events we accidently ingested 600M+ logs into Azure Sentinel via the CEF via AMA data-connector with the stream set to Microsoft-Ciscoasa
We need to drastically reduce the amount of logs coming in, however we're struggling to find resources/guides on best practice for event logging.
If there is a Cisco expert out there, can someone …
ama asa azure azure sentinel best practice cisco cisco asa connector cybersecurity data engineers events hey log logs major microsoft notification practice problem secdevops sentinel siem stream
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Associate Principal Security Engineer
@ Activision Blizzard | Work from Home - CA
Security Engineer- Systems Integration
@ Meta | Bellevue, WA | Menlo Park, CA | New York City
Lead Security Engineer (Digital Forensic and IR Analyst)
@ Blue Yonder | Hyderabad
Senior Principal IAM Engineering Program Manager Cybersecurity
@ Providence | Redmond, WA, United States
Information Security Analyst II or III
@ Entergy | The Woodlands, Texas, United States