Closed: susalgado closed this issue 2 months ago
@susalgado Thanks for your feedback! We will investigate and update as appropriate.
@susalgado Thank you for bringing this to our attention. I've delegated this to content author @cwatson-cat, who will review it and offer their insightful opinions.
Thank you for your comment! We'll investigate and get back to you.
The referenced content is autogenerated content from the public repo: https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/CiscoASA. Looks like it's since been updated. #please-close
Hi team,
In regard to point 2:
While CEF (Common Event Format) is a log format used by many different security devices, including some Cisco devices, it's important to note that the Cisco ASA device does not use CEF for logging. Instead, it uses the Cisco ASA format. In the past, the Azure Log Analytics service (which is now part of Azure Monitor) used to collect both CEF and Cisco ASA logs through the same pipeline. This meant that both types of logs were processed and analyzed together in the same workspace. However, CEF and Cisco ASA logs are no longer part of the same pipeline.
Thank you. Kind regards, Susana