Logging Cisco Umbrella logs

Is it possible to log cisco umbrella logs to kibana?
If so, can someone provide me with some helpful links? Thanks

What is cisco umbrella and how does it log.

Essentially, Cisco umbrella is a cloud security platform.
You have three options of logging:

  • Log All Requests—For full logging, whether for content, security or otherwise
  • Log Only Security Events—For security logging only, which gives your users more privacy—a good setting for people with the roaming client installed on personal devices
  • Don't Log Any Requests—Disables all logging. If you select this option, most reporting for identities with this policy will not be helpful as nothing is logged to report on.

The logs are stored in a compressed (gzip) archive in CSV format. Logs are uploaded every ten minutes so there's a minimum of delay between network traffic coming from your network, being logged by Umbrella.

I don't know much more other than that.

Where does it upload them?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.