Hi All,
I am new to elasticstack. I want to integrate Cisco devices with elasticsearch and kibana for which cisco module under filebeat is available for integration. But filebeat is installed on the host which has to be integrated. But if i want to integrate Cisco routers,switches,firewall etc it's not advisable to add filebeat there. Can someone please help me with the alternative for integrating cisco devices.
Hello,
You have to send Cisco logs to a host (a linux server for example) where you installed Filebeat and adapte the module which is by default configured to run via syslog on port 9001 for ASA and port 9002 for IOS
Check doc here > https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-module-cisco.html
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.