Connect this data source on your own, using the Hunters platform.
TL;DR
Supported data types | 3rd party detection | Hunters detection | IOC search | Search | Table name | Log format | Collection method |
---|---|---|---|---|---|---|---|
Mikrotik Logs | | | | | mikrotik_logs | Syslog | S3 |
Overview
MikroTik is a technology company specializing in networking hardware and software. It is best known for RouterOS, its powerful operating system for routers, and RouterBOARD, its line of networking devices. MikroTik products are widely used for building and managing networks, offering features like firewall management, VPN support, bandwidth shaping, and wireless connectivity. Known for affordability and flexibility, MikroTik is popular among ISPs, enterprises, and network administrators worldwide.
Supported data types
Mikrotik Logs
Table name: mikrotik_logs
System messages logged by Mikrotik. These include system events (startup, shutdown, and system reboots, along with any critical system errors), configuration changes (changes made to the router's configuration, who made the change, and when), network events (DHCP leases, PPPoE connections, and changes in interface status), and more.
Learn more here.
Send data to Hunters
Hunters supports the ingestion of Mikrotik logs via an intermediary AWS S3 bucket.
To connect Mikrotik logs:
Export the logs from the Mikrotik device by following this guide.
Then, ship the logs from your on-premise environment to an S3 bucket.
Once the export is complete and the logs are collected in S3, follow the steps in this section.
Expected format
Logs are expected in Syslog format.
Mikrotik Logs
<30>Nov 20 01:02:03 ABC-DE01 < - ike2 reply, exchange: CREATE_CHILD_SA:12345 11.22.33.44[1000] 1234ad83f3f35678:1122334d055ba6ff
<31>Nov 21 01:02:03 DEF-GH01 IPsec-SA established: 11.22.33.44[1000]- ->123.45.67.89[2000] spi=0x12b3456
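A pre-upload check for the format above, as an added example that is not part of the Hunters documentation or product: it parses each line against the BSD-syslog (RFC 3164) header layout that the two sample lines follow, decodes the priority value, and reports lines that do not match. The function names and the two malformed lines are constructed for illustration, and it is an assumption that the ingestion side applies the same rules.

```python
import re

# Header layout seen in the sample lines: <PRI>Mmm dd hh:mm:ss HOST MESSAGE
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) "
    r"(?P<msg>.+)$"
)
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

def parse_line(line):
    """Return a dict for a well-formed line, or None if it does not match."""
    m = SYSLOG_RE.match(line.rstrip("\r\n"))
    if m is None:
        return None
    pri = int(m.group("pri"))
    if pri > 191:  # highest valid PRI: facility 23 * 8 + severity 7
        return None
    return {
        "facility": pri >> 3,  # PRI = facility * 8 + severity
        "severity": SEVERITIES[pri & 7],
        "timestamp": m.group("ts"),
        "host": m.group("host"),
        "message": m.group("msg"),
    }

def validate(lines):
    """Split lines into parsed records and (line_number, raw) rejects."""
    parsed, rejected = [], []
    for n, raw in enumerate(lines, 1):
        rec = parse_line(raw)
        if rec:
            parsed.append(rec)
        else:
            rejected.append((n, raw))
    return parsed, rejected

# The two sample lines from this page, plus two constructed malformed lines.
SAMPLE = [
    "<30>Nov 20 01:02:03 ABC-DE01 < - ike2 reply, exchange: CREATE_CHILD_SA:12345 11.22.33.44[1000] 1234ad83f3f35678:1122334d055ba6ff",
    "<31>Nov 21 01:02:03 DEF-GH01 IPsec-SA established: 11.22.33.44[1000]- ->123.45.67.89[2000] spi=0x12b3456",
    "Nov 21 01:02:04 DEF-GH01 user admin logged in",  # constructed: PRI missing
    "<999>Nov 21 01:02:05 DEF-GH01 link down",  # constructed: PRI out of range
]

if __name__ == "__main__":
    ok, bad = validate(SAMPLE)
    print(f"{len(ok)} parsed; rejected line numbers: {[n for n, _ in bad]}")
```

Running a check like this over exported files before they reach the S3 bucket surfaces lines that lost their priority header or timestamp in transit, which would otherwise show up later as missing events.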