This is the multi-page printable view of this section. Click here to print.
Cisco
- 1: Access Control System (ACS)
- 2: Adaptive Security Appliance (ASA)
- 3: Application Control Engine (ACE)
- 4: Cisco IOS
- 5: Digital Network Architecture (DNA)
- 6: Email Security Appliance (ESA)
- 7: Firepower
- 8: Firepower Threat Defence (FTD)
- 9: Firewall Services Module (FWSM)
- 10: HyperFlex (HX, UCSH)
- 11: Identity Services Engine (ISE)
- 12: Integrated Management Controller (IMC)
- 13: IOS XR
- 14: Meraki MX
- 15: Private Internet eXchange (PIX)
- 16: TelePresence Video Communication Server (VCS)
- 17: Unified Computing System Manager (UCSM)
- 18: Unified Communications Manager (UCM)
- 19: Viptela
1 - Access Control System (ACS)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | acs |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:acs | netauth |
2 - Adaptive Security Appliance (ASA)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | asa |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:asa | netfw |
3 - Application Control Engine (ACE)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | ace |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:ace | netops |
4 - Cisco IOS
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | ios |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:ios | netops |
5 - Digital Network Architecture (DNA)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | dna |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:dna | netops |
6 - Email Security Appliance (ESA)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | esa |
| format | text-plain | cef |
Note that the device can be configured to send plain syslog text or CEF-formatted output.
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype, index, and source settings:
| sourcetype | index | source |
|---|---|---|
| cisco:esa:http | esa:http | |
| cisco:esa:textmail | esa:textmail | |
| cisco:esa:amp | esa:amp | |
| cisco:esa:antispam | esa:antispam | |
| cisco:esa:system_logs | esa:system_logs | |
| cisco:esa:system_logs | esa:euq_logs | |
| cisco:esa:system_logs | esa:service_logs | |
| cisco:esa:system_logs | esa:reportd_logs | |
| cisco:esa:system_logs | esa:sntpd_logs | |
| cisco:esa:system_logs | esa:smartlicense | |
| cisco:esa:error_logs | esa:error_logs | |
| cisco:esa:error_logs | esa:updater_logs | |
| cisco:esa:content_scanner | esa:content_scanner | |
| cisco:esa:authentication | esa:authentication | |
| cisco:esa:http | esa:http | |
| cisco:esa:textmail | esa:textmail | |
| cisco:esa:amp | esa:amp | |
| cisco:esa | program: <variable> | |
| cisco:esa:cef | esa:consolidated |
Tested with: Splunk Add-on for Cisco ESA
7 - Firepower
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | firepower |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:firepower:syslog | netids |
8 - Firepower Threat Defence (FTD)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | ftd |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:ftd | netfw |
9 - Firewall Services Module (FWSM)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | fwsm |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:fwsm | netfw |
10 - HyperFlex (HX, UCSH)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | ucsh |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:ucsh:hx | infraops |
11 - Identity Services Engine (ISE)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
For details on configuring your Identity Services Engine to forward its logs to an AxoRouter instance, see Configure Remote Syslog Collection Locations in Cisco Identity Services Engine (ISE) Administrator Guide.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | ise |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:ise:syslog | netauth |
12 - Integrated Management Controller (IMC)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | cimc |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:cimc | infraops |
13 - IOS XR
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | xr |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:xr | netops |
14 - Meraki MX
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | meraki |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:meraki | netfw |
Tested with: TA-meraki
15 - Private Internet eXchange (PIX)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | pix |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:pix | netfw |
16 - TelePresence Video Communication Server (VCS)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | tvcs |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:tvcs | main |
17 - Unified Computing System Manager (UCSM)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | ucsm |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:ucs | infraops |
18 - Unified Communications Manager (UCM)
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | ucm |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:ucm | netops |
19 - Viptela
To onboard such an appliance to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | cisco |
| product | viptela |
| format | text-plain |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype and index settings:
| sourcetype | index |
|---|---|
| cisco:viptela | netops |