How to add the data of switches and routers into t...

splunkfly · ‎04-11-2016

How to configure adding the data of switches and routers into the Cisco Networks App for Splunk Enterprise?

gmerhej_splunk · ‎04-11-2016

Along with the App, you'll need to install the "Cisco Networks Add-on" and to use the sourcetype cisco:ios for the Syslog data sent from the switches and routers.

splunkfly · ‎04-11-2016

I have logs data stored on Syslog-ng ---->universal forwarder----> splunk Server
I couldn't find the feature sourcetype cisco:ios for the Syslog data sent from the switches and routers.
The Networks App looks great but I Need input the data from syslog server to splunk app, that's the challenging. If you can be help me with bit more information would helps me a lot.

gmerhej_splunk · ‎04-11-2016

You will need to manually define the sourcetype in the inputs.conf under the monitor stanza:

http://docs.splunk.com/Documentation/Splunk/6.4.0/Data/Bypassautomaticsourcetypeassignment

splunkfly · ‎04-13-2016

is this path is correct where inputs.conf file located ?? (Splunk_Home/etc/system/local/inputs.conf)

gmerhej_splunk · ‎04-16-2016

There are many inputs.conf. However, it's better to do the configuration in Splunk_Home/etc/apps/search/local/inputs.conf

How to add the data of switches and routers into the Cisco Networks App for Splunk Enterprise?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!

Catch Up Now >>

How to add the data of switches and routers into the Cisco Networks App for Splunk Enterprise?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE! Catch Up Now >>

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!

Catch Up Now >>