|Applies To||RSA Product Set: Security Analytics|
RSA Product/Service Type: Concentrator
RSA Version/Condition: 10.3.3
|Issue||The Destination User Account (user.dst) meta key displays incorrect results for the Cisco ASA (ciscoasa) event source in RSA Security Analytics, as shown in the screenshot below.|
|Resolution||A fix for this issue is slated to be included in the Event Source Update (ESU) #75 release, scheduled to be released in the RSA Live update feed during the first week of December, 2014.|
The update is slated to be automatically pushed at that time to all Security Analytics environments that subscribe to the Cisco ASA event source.
It can also be applied once the ESU is released by removing and redeploying the event source in question.