I have configured my Firewall Cisco ASA (CiscoASA model type) device to send syslog trap to SpectroSERVER and confirmed that the traps arrived at SpectroSERVER machine, however Spectrum doesn't raise alarms. OneClick Console Events tab only shows event 0x210d40 with the following message momentarily.
An event occurred for models '<Cisco ASA model name>' of type 'CiscoASA' for which no event format file exists.
This is Cisco ASA device certification issue. The 0x210d40 event was raised due to incoming Syslog trap from the devices. Syslog trap support for CiscoASA Model Type models is not implemented in Spectrum version before 10.2. Syslog trap support for CiscoASA Model Type models has been implemented from 10.2 onward.
Spectrum version before 10.2 on all OS platforms
Upgrade to Spectrum 10.2 or later. The implementation of Syslog trap support for CiscoASA devices is recorded in Fixes to Certifications section in 10.2/10.2.1 online documentation.
Symptom: Syslog Events for Cisco ASA devices not working.
Resolution: Added Syslog support for Cisco ASA devices.
(10.2.0, DE158440, 00356864)
You can do the following workaround if you don't want to upgrade, i.e. destroy the CiscoASA model type models and then rediscover the devices utilizing 'create by model type' method and set Rtr_Cisco model type during the remodeling. However this will remove subviews in the Information tab that specific to CiscoASA device.