Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
172
Views
0
Helpful
2
Replies

Cisco Firepower eStreamer Disconnected in Azure Sentinel unexpectedly

zaki-almustafa
Level 1
Level 1

‎05-13-2024 06:21 PM

Hi there, 

i got Cisco Firepower eStreamer Disconnected unexpectedly. i don't setting anything for this eStream, but unfortunately i got disconnected. but my CEF via AMA successfully connected. i try to run "./encore.sh test" and it say success. Also when i  Validate connection there is no issue. Did somebody know where i must check ?

 

CiscoEstream.png

0 Helpful
2 Replies 2

zaki-almustafa
Level 1
Level 1

‎05-13-2024 08:02 PM

Sorry but when i check it again i got 2 errors, it says : 

1. verify_oms_agent_not_running-------------------> Failure
and the second one 

2. Could not locate CEF message in tcpdump. Please verify CEF events can be sent to the machine and there is not firewall blocking incoming traffic
listen_to_incoming_events----------------------> Failure

i don't know where to solved this issue 

0 Helpful

adrian_iovita
Level 1
Level 1

‎05-17-2024 09:11 PM

Did you run the troubleshooting commands with root permission (sudo)?

You need to have elevated permissions to run the agents.

0 Helpful
Customers Also Viewed These Support Documents