How do I receive logs from a Cisco device?

jreyes25 · May 17, 2024, 2:53pm

Hello,

I'm trying to see how to configure elasticstack to receive logs from cisco devices. I see in the Integrations for 'Cisco Logs' and says to configure the output.elasticsearch section of the filebeat.yml file then enable the Cisco module.

I have setup a fleet-server to manage the elastic-agents centrally and I'm receiving logs currently from the agents. So do I configure the filebeat.yml inside the elastic-agent directory (in my case it's /var/lib/elastic-agent/data/elastic-agent-de80b0/components/filebeat.yml)? And then have the cisco switch send the logs to that host IP? T.I.A.

jreyes25 · May 17, 2024, 6:04pm

Disregard. I installed the Cisco IOS integration and specified the host ip and port and started receiving logs.

jessgarson · May 20, 2024, 12:58pm

Thanks for sharing your solution, @jreyes25.

Topic		Replies	Views
Integrate cisco devices Beats filebeat	2	666	January 12, 2021
Sending cisco switch logs to elasticsearch Elasticsearch	3	1375	December 4, 2023
Cisco IOS logging - help required Elasticsearch fleet , integrations	9	2460	June 13, 2022
Cisco Logs Module - No logs received Beats filebeat	1	375	November 23, 2023
How to send Cisco devices logs to Logstash? Beats filebeat	3	3237	December 11, 2019

How do I receive logs from a Cisco device?

Related topics