All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Could someone help me find an app for Splunk that will provide syslogs of my Cisco network gear?

melarnell
New Member
‎09-13-2022 01:00 PM

Hello everyone,

 

I was curious if someone could help me finding an app for splunk that will provide syslogs of my cisco network gear? (IE if someone changes a vlan or shuts a port) I can look up their user name or switch name, and it will provide me the time stamp, command that was ran and who did it

 

I used this a a prior employer and want to get this implements where I am employed now. This was good when there were outages and no one spoke up, accountability and training. 

Labels (1)
Labels
Tags (3)
0 Karma
Reply

chaker
Contributor
‎09-14-2022 11:44 PM

A good idea is to have a test/dev environment, so that you can test the outcome before putting the config into production.

Perhaps the app you are refering to is this one?

https://splunkbase.splunk.com/app/1352/#/overview

You can use a 60day Splunk trial to experiment with the cisco data and apps, or you may also consider applying for a developer license.

https://dev.splunk.com/enterprise/dev_license

0 Karma
Reply

chaker
Contributor
‎09-13-2022 04:57 PM

Have you searched Splunkbase for add-ons to support the equipment in question?

https://splunkbase.splunk.com/apps/#/search/cisco/product/all

Here is the ASA addon for example, which will normalize change events

https://docs.splunk.com/Documentation/AddOns/released/CiscoASA/DataTypes

https://splunkbase.splunk.com/app/1620/#/details

 

 

 

0 Karma
Reply

melarnell
New Member
‎09-14-2022 08:37 AM

@chaker  I did look though the product page, but not sure which Cisco one has the feature I am looking for. There are a few and I don't want to provide the team at my company to try each app until we get the right one, if it can be avoided. 

 

 

0 Karma
Reply
Get Updates on the Splunk Community!

Accelerating Observability as Code with the Splunk AI Assistant

We’ve seen in previous posts what Observability as Code (OaC) is and how it’s now essential for managing ...

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

 Splunk is More Than Just the Web Console For Digital Forensics and Incident Response (DFIR) practitioners, ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...