
Cisco IOS

Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

| Supported data types | 3rd party detection | Hunters detection | IOC search | Search | Table name | Log format | Collection method |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Cisco IOS Logs | ✅ | ✅ | ✅ | ✅ | cisco_ios_logs | nested-json-text | S3 |



Overview

Cisco Internetwork Operating System (IOS) is the proprietary, multitasking operating system running on most Cisco routers and switches, providing a standardised Command Line Interface (CLI) for network configuration, security, and management. It supports essential, high-performance networking functions, including IPv4/IPv6, switching, and routing, across various hardware platforms.

Key characteristics of Cisco IOS include its wide-ranging support for standard networking protocols, allowing devices to operate efficiently within diverse, multi-vendor infrastructures. It supports advanced, adaptive routing protocols and WAN optimisation, and provides robust security features like Access Control Lists (ACLs) to control traffic and protect network resources. IOS is highly configurable, with features that are often enabled through licensing, and it is known for its ability to integrate tightly with Cisco hardware for high availability and reliable data transmission. Although the CLI has a steep learning curve, it offers a uniform experience across many different hardware platforms.

Supported data types

Cisco IOS Logs

Table name: cisco_ios_logs

Detailed log records generated by Cisco IOS devices, capturing system events, network activity, and security-related information across routers and switches. These logs are used for monitoring, troubleshooting, and forensic analysis, providing visibility into configuration changes, interface status, routing updates, authentication events, access control actions, and detected security incidents to help maintain the reliability, performance, and security of network infrastructure.

Send data to Hunters

Hunters supports the ingestion of Cisco IOS logs via an intermediary AWS S3 bucket.

To connect Cisco IOS Logs:

  1. Export your logs from Cisco to an AWS S3 bucket by following this guide.

  2. Once the export is completed and the logs are collected to S3, follow the steps in this section.

Expected format

Logs are expected in NESTED JSON TEXT format.

{
  "message": "1234: AAA-BBB-123: 1234: Feb 27 04:40:13.406 UTC: %SEC-6-qwertcc: list GUEST permitted tcp 0.0.0.0(58) -> 1.1.1.1(43), 1 packet ",
  "source_ip": "1.4.2.3",
  "hostname": "AAA-BBB-123.example.global"
}
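
A pre-upload check for the record shape shown above, as an added example (not Hunters' code): it validates the three JSON keys and unpacks the nested `message` string into its syslog tag and, for ACL hits, the flow fields. The function name, the regexes and the output field names are assumptions modelled on the single sample on this page.

```python
import json
import re

# Constructed input: the sample record from "Expected format", as one JSON line.
SAMPLE = json.dumps({
    "message": "1234: AAA-BBB-123: 1234: Feb 27 04:40:13.406 UTC: %SEC-6-qwertcc: "
               "list GUEST permitted tcp 0.0.0.0(58) -> 1.1.1.1(43), 1 packet ",
    "source_ip": "1.4.2.3",
    "hostname": "AAA-BBB-123.example.global",
})

REQUIRED_KEYS = ("message", "source_ip", "hostname")

# IOS syslog tag: %FACILITY-SEVERITY-MNEMONIC: text (severity is 0-7).
TAG_RE = re.compile(
    r"%(?P<facility>[A-Za-z0-9_]+)-(?P<severity>[0-7])-(?P<mnemonic>[A-Za-z0-9_]+):\s*(?P<text>.*)$"
)
# ACL hit body, modelled on the sample only (assumption: IPv4 with ports).
ACL_RE = re.compile(
    r"list (?P<acl>\S+) (?P<action>permitted|denied) (?P<proto>\S+) "
    r"(?P<src_ip>[\d.]+)\((?P<src_port>\d+)\) -> "
    r"(?P<dst_ip>[\d.]+)\((?P<dst_port>\d+)\), (?P<packets>\d+) packets?"
)

def parse_record(line):
    """Validate one exported JSON line and unpack its nested message string."""
    try:
        rec = json.loads(line)
    except json.JSONDecodeError as exc:
        raise ValueError(f"not valid JSON: {exc}") from exc
    if not isinstance(rec, dict):
        raise ValueError("record is not a JSON object")
    missing = [k for k in REQUIRED_KEYS if not isinstance(rec.get(k), str)]
    if missing:
        raise ValueError(f"missing or non-string keys: {missing}")
    tag = TAG_RE.search(rec["message"])
    if tag is None:
        raise ValueError("message has no %FACILITY-SEVERITY-MNEMONIC tag")
    out = {"hostname": rec["hostname"], "source_ip": rec["source_ip"]}
    out.update(tag.groupdict())
    out["severity"] = int(out["severity"])
    out["text"] = out["text"].strip()
    acl = ACL_RE.search(out["text"])
    out["acl"] = acl.groupdict() if acl else None  # None for non-ACL events
    return out

if __name__ == "__main__":
    print(parse_record(SAMPLE))
```

Running this over a sample of exported lines before pointing the integration at the bucket surfaces records that would arrive without a parsable tag or with a missing key.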