Getting Data In

how can I analyze logs and extract fields from network device

New Member

Even though I collected some logs from network device, like Cisco switch and firewall. but how can I analyze them and extract fields?
Splunk only supply a source "Cisco:asa", but it can only identify less fields from network device logs. Shall I extract them manually or there's another plugins to solve this problem?

0 Karma


Hi @lllidan,
see in if there's a Technical Add-on for your device that gives you all the needed extractions: probably this is what you're searching .
I'm sure that you'll find what you need, but otherwise, you can use a regex for this extraction.


0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.