Cisco Switch

Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

Cisco Switch Logs

✅

✅

cisco_switch_logs

Text

S3


Overview

This article details how to ingest logs from Cisco Switch into Hunters.

Cisco switches, being a part of the vast array of networking products offered by Cisco Systems, come with logging capabilities which can provide invaluable insights into the network's health, performance, and security.

Integrating Cisco Switch Logs with Hunters allows you to ingest the data from your appliances and leverage it for network-related detection and response use cases, as well as search use cases.

Supported data types

Cisco Switch Logs

Table name: cisco_switch_logs

Cisco switches, like other network devices, generate logs that provide detailed information about the system's operations, performance, and security events. These logs are invaluable for network administrators and security professionals for troubleshooting, monitoring network health, and ensuring security compliance. Cisco switch logs can be categorized into various levels of severity, from emergencies to informational messages, allowing for flexible management and prioritization of events.

Send data to Hunters

Hunters supports the ingestion of Cisco Switch logs via an intermediary AWS S3 bucket.

To connect Cisco Switch logs:

  1. Export your logs from the Cisco Switch to an AWS S3 bucket by following this guide by Cisco.

  2. Once the export is completed and the logs are collected to S3, follow the steps in this section.

Expected format

Logs are expected in text format.

Feb  5 2023 05:21:36.996 UTC: %ABC-6-ACCESS: list Data_Access permitted tcp 11.11.10.11(1234) -> 11.101.110.11(567), 1 packet
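To check exported lines against this format before they are uploaded to S3, the following parser is an added example (not Hunters' or Cisco's code). Its regular expressions and field names are assumptions derived from the single sample line above, the severity names follow the standard Cisco syslog levels 0 to 7, and the second sample line is constructed.

```python
import re
from datetime import datetime, timezone

# Standard Cisco syslog severity levels (0 = most severe).
SEVERITY = ["emergencies", "alerts", "critical", "errors",
            "warnings", "notifications", "informational", "debugging"]

# Header: "<Mon> <d> <yyyy> <hh:mm:ss.mmm> UTC: %<FACILITY>-<sev>-<MNEMONIC>: <text>"
# Assumption: derived from the page's sample line; other timestamp layouts
# (no year, no milliseconds, other time zones) are reported as unparsed.
HEADER = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{4} \d{2}:\d{2}:\d{2}\.\d{3}) UTC: "
    r"%(?P<facility>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnemonic>[A-Z0-9_]+): (?P<text>.*)$")

# Body of an access-list message as in the sample (ports are optional).
ACL = re.compile(
    r"^list (?P<acl>\S+) (?P<action>permitted|denied) (?P<proto>\S+) "
    r"(?P<src_ip>[\d.]+)(?:\((?P<src_port>\d+)\))? -> "
    r"(?P<dst_ip>[\d.]+)(?:\((?P<dst_port>\d+)\))?, (?P<packets>\d+) packets?$")

def parse_line(line):
    """Return a dict of fields, or None if the line does not match the format."""
    m = HEADER.match(line.rstrip("\r\n"))
    if not m:
        return None
    # Collapse the padding before single-digit days ("Feb  5") for strptime.
    ts = datetime.strptime(" ".join(m["ts"].split()), "%b %d %Y %H:%M:%S.%f")
    rec = {"timestamp": ts.replace(tzinfo=timezone.utc),
           "facility": m["facility"], "severity": int(m["sev"]),
           "severity_name": SEVERITY[int(m["sev"])],
           "mnemonic": m["mnemonic"], "text": m["text"]}
    acl = ACL.match(m["text"])
    if acl:
        rec["acl"] = {k: int(v) if k in ("src_port", "dst_port", "packets") and v else v
                      for k, v in acl.groupdict().items()}
    return rec

def unparsed_lines(lines):
    """1-based numbers of non-empty lines that do not match the expected format."""
    return [n for n, l in enumerate(lines, 1) if l.strip() and parse_line(l) is None]

# Constructed input: the page's sample line plus one line without a year.
SAMPLE = [
    "Feb  5 2023 05:21:36.996 UTC: %ABC-6-ACCESS: list Data_Access permitted tcp 11.11.10.11(1234) -> 11.101.110.11(567), 1 packet",
    "Feb  5 05:21:37: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down",
]
if __name__ == "__main__":
    print(parse_line(SAMPLE[0]), unparsed_lines(SAMPLE))
```

Lines reported by `unparsed_lines` point to a switch whose timestamp settings differ from the sample and are worth reviewing before the export is connected.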