edmundoa
commented
9 years ago Hi,
The Cisco Catalyst content pack only supports Cisco Catalyst devices, that's why it is not working with your Cisco 3845, which uses a different log format.
At the moment there is no other content pack for Cisco devices, so I am afraid you will need to create your own extractors for that log format. You may also ask in our mailing list or our IRC channel #graylog on Freenode to see if someone solved this problem in a different way.
I kindly remind you that we use Github to track issues with our codebase, please ask any support questions in our mailing list or IRC channel.
We want to forward network devices logs to graylog server. Had some problems with Cisco devices. We succeeded with IOS-XE Software, Catalyst 4500 L3 Switch Software (cat4500e-UNIVERSALK9-M), Version 03.05.03.E RELEASE SOFTWARE (fc1) with Cisco Catalyst Content Pack [udp port 11001]
We got stucked with Cisco 3845 Cisco IOS Software, 3800 Software (C3845-ADVENTERPRISEK9-M), Version 12.3(11)T3, RELEASE SOFTWARE (fc4) Do not work with Catalyst Content Pack Even dont work with extractors from article http://spottedhyena.co.uk/graylog2-cisco-asa-cisco-catalyst/
In graylog have many many "Sources" http://i.stack.imgur.com/xkelZ.jpg
How to fix Input for Cisco 3845 ?