Cisco Switch logs

Hello everyone,

Please, I would be grateful if someone could help me with how to collect Cisco switch logs with ELK. It is my first time with ELK; I installed ELK on CentOS 7.

1 Like

I followed this howto using rsyslog for Ubuntu, but I imagine it would be similar in CentOS: https://computingforgeeks.com/how-to-configure-rsyslog-centralized-log-server-on-ubuntu-18-04-lts/

After that, just point your Cisco switch at this new rsyslog destination:

logging host my.rsyslog.host.ip

More information about logging for the Cisco 2900 series is here and I imagine that the commands are similar for most of their switches: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_55_se/configuration/guide/scg_2960/swlog.html

1 Like

?? syslog ==> logstash ==> elasticsearch?
I want a clear way to collect and normalize the Cisco switch logs with ELK.
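
Added example, not part of any post in this thread: a minimal Python sketch of the normalization step asked about above, splitting a Cisco IOS syslog message into the fields you would want indexed in Elasticsearch. It assumes the message text as the switch emits it (optional PRI and sequence number, timestamp, then `%FACILITY-SEVERITY-MNEMONIC: text`); the function name and the sample lines are constructed for illustration.

```python
import re

# Severity names for levels 0-7, as used by syslog and Cisco IOS.
SEVERITY = ["emergency", "alert", "critical", "error",
            "warning", "notice", "informational", "debug"]

# Layout: [<PRI>][seq: ][*|.]timestamp: %FACILITY-SEVERITY-MNEMONIC: text
IOS_RE = re.compile(
    r"^(?:<(?P<pri>\d{1,3})>)?"
    r"(?:(?P<seq>\d+): )?"
    r"(?P<clock>[*.])?"
    r"(?P<timestamp>[A-Z][a-z]{2} [ \d]\d(?: \d{4})? "
    r"\d\d:\d\d:\d\d(?:\.\d+)?(?: [A-Z]{2,5})?): "
    r"%(?P<facility>[A-Z0-9_]+)-(?P<level>[0-7])-(?P<mnemonic>[A-Z0-9_]+): "
    r"(?P<message>.*)$"
)

def parse_ios_syslog(line):
    """Return a dict of normalized fields, or None if the line is not IOS-style."""
    m = IOS_RE.match(line.strip())
    if m is None:
        return None  # leave unparsed lines for review instead of guessing fields
    level = int(m["level"])
    return {
        "sequence": int(m["seq"]) if m["seq"] else None,
        # A leading '*' or '.' means the switch does not consider its clock
        # set or NTP-synchronized, so the timestamp should not be trusted.
        "clock_trusted": m["clock"] is None,
        "timestamp": m["timestamp"],
        "facility": m["facility"],
        "severity": level,
        "severity_name": SEVERITY[level],
        "mnemonic": m["mnemonic"],
        "message": m["message"],
    }

SAMPLES = [  # constructed sample lines, not captured from a real device
    "<187>45: *Mar  1 00:05:12.345: %LINK-3-UPDOWN: "
    "Interface GigabitEthernet0/1, changed state to up",
    "<189>46: Jun 12 10:15:42.123 UTC: %SYS-5-CONFIG_I: "
    "Configured from console by admin on vty0 (192.0.2.10)",
    "something that is not an IOS message",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse_ios_syslog(sample))
```

Lines that return `None` are worth keeping in a separate index or file, since a change in the switch's timestamp or sequence-number settings shows up there first.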
