Connect this data source on your own, using the Hunters platform.
TL;DR
Supported data types | 3rd party detection | Hunters detection | IOC search | Search | Table name | Log format | Collection method |
---|---|---|---|---|---|---|---|
Cisco Switch Logs | ✅ | ✅ | cisco_switch_logs | Text | S3 |
Overview
This article details how to ingest logs from Cisco Switch into Hunters.
Cisco switches, being a part of the vast array of networking products offered by Cisco Systems, come with logging capabilities which can provide invaluable insights into the network's health, performance, and security.
Integrating Cisco Switch logs with Hunters lets you ingest data from your appliances and leverage it for network-related detection and response use cases and for search use cases.
Supported data types
Cisco Switch Logs
Table name: cisco_switch_logs
Cisco switches, like other network devices, generate logs that provide detailed information about the system's operations, performance, and security events. These logs are invaluable for network administrators and security professionals for troubleshooting, monitoring network health, and ensuring security compliance. Cisco switch logs can be categorized into various levels of severity, from emergencies to informational messages, allowing for flexible management and prioritization of events.
Send data to Hunters
Hunters supports the ingestion of Cisco Switch logs via an intermediary AWS S3 bucket.
To connect Cisco Switch logs:
Export your logs from the Cisco Switch to an AWS S3 bucket by following this guide by Cisco.
Once the export is complete and the logs are collected in S3, follow the steps in this section.
Expected format
Logs are expected in text format.
Feb 5 2023 05:21:36.996 UTC: %ABC-6-ACCESS: list Data_Access permitted tcp 11.11.10.11(1234) -> 11.101.110.11(567), 1 packet
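A format check that can be run over an export before it is uploaded to S3, added here as an example (it is not Hunters' or Cisco's code): it parses the `%FACILITY-SEVERITY-MNEMONIC` header seen in the sample line above and reports the lines that do not match. The function names, the regular expressions, and the second and third sample lines are assumptions constructed for illustration; messages with a different header layout are reported as rejected.

```python
import re
from datetime import datetime, timezone

# Cisco IOS severity levels 0-7, from emergencies down to debugging.
SEVERITIES = ["emergencies", "alerts", "critical", "errors",
              "warnings", "notifications", "informational", "debugging"]

# Header shape taken from the sample line: "<Mon> <d> <yyyy> <time> <TZ>: %FAC-SEV-MNEMONIC: <text>"
HEADER = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{4} \d{2}:\d{2}:\d{2}\.\d{3}) (?P<tz>[A-Z]+): "
    r"%(?P<facility>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnemonic>[A-Z0-9_]+): (?P<text>.*)$"
)
# Body of an access-list message as in the sample: ACL name, action, protocol, endpoints.
FLOW = re.compile(
    r"list (?P<acl>\S+) (?P<action>permitted|denied) (?P<proto>\S+) "
    r"(?P<src_ip>[\d.]+)\((?P<src_port>\d+)\) -> (?P<dst_ip>[\d.]+)\((?P<dst_port>\d+)\)"
)

def parse_line(line):
    """Return a dict of fields, or None if the line does not match the expected format."""
    m = HEADER.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    ts = datetime.strptime(rec.pop("ts"), "%b %d %Y %H:%M:%S.%f")
    # Assumption: only "UTC" is made timezone-aware; other abbreviations stay as text in rec["tz"].
    if rec["tz"] == "UTC":
        ts = ts.replace(tzinfo=timezone.utc)
    rec["timestamp"] = ts.isoformat()
    rec["severity"] = SEVERITIES[int(rec.pop("sev"))]
    flow = FLOW.search(rec["text"])
    if flow:
        rec.update(flow.groupdict())
    return rec

def check_export(lines):
    """Return (parsed records, 1-based numbers of lines that failed to parse)."""
    results = [(n, parse_line(line)) for n, line in enumerate(lines, 1)]
    return [r for _, r in results if r], [n for n, r in results if r is None]

# Constructed sample input: the first line is the page's example, the other two are made up.
SAMPLE = [
    "Feb 5 2023 05:21:36.996 UTC: %ABC-6-ACCESS: list Data_Access permitted tcp 11.11.10.11(1234) -> 11.101.110.11(567), 1 packet",
    "Feb 5 2023 05:21:40.120 UTC: %ABC-4-ACCESS: list Data_Access denied udp 11.11.10.12(5353) -> 11.101.110.11(53), 3 packets",
    "<189>truncated line without a Cisco header",
]
```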