I am looking at how to set a specific index for this add-on as we have multiple groups responsible for Cisco devices, and we do not want them to see each others logs.
create indexes.conf under etc/apps//local to have your index. Then in the inputs.conf, for that monitor stanza/syslog etc.. you can setup index and sourcetype.
