Cisco WLC

Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

Cisco WLC Logs

cisco_wlc_logs

Text

S3


Overview

imageCisco Wireless LAN Controllers (WLCs) are aiding in the management, control, and monitoring of Cisco wireless networks. They handle functions like access point (AP) provisioning, association and authentication of wireless clients, security and policy enforcement, radio frequency (RF) management, and quality of service (QoS) for wireless networks.

Integrating Cisco WLC Logs to Hunters allows to ingest the data from your appliances.

Supported data types

Cisco WLC Logs

Table name: cisco_wlc_logs

Syslog messages generated by Cisco WLC provide a wealth of information about the operational status, performance, and security of the wireless network, helping network administrators to maintain optimal network health and security.

Learn more here.

Send data to Hunters

Hunters supports the ingestion of Cisco WLC logs via an intermediary AWS S3 bucket.

To connect Cisco WLC logs:

  1. Export your logs from Cisco WLC to an AWS S3 bucket by following this guide.

  2. Once the export is completed and the logs are collected to S3, follow the steps in this section.

Expected format

Logs are expected in text format.

wodnyabcd1: *webauthRedirect: Oct 06 05:21:59.650: %EMWEB-6-PARSE_ERROR: webauth_redirect.c:123 parser exited. client mac= 12:12:12:12:12:d bytes parsed = 0 and bytes read = 194
wodnyabcd1: *webauthRedirect: Oct 06 05:21:59.650: %EMWEB-6-HTTP_REQ_BEGIN_ERR: http_parser.c:123 http request should begin with a character