Sending syslog from Cisco ASA to Graylog server

0
4577

Last articles we have looked at how to send log data from Linux OS, Windows OS, Cisco switches, HP switches to graylog server. This article about send log from Cisco ASA device to graylog.

You can send all the syslog messages to a syslog server. Perform these steps by using ASDM. First we need to enable logging:

Choose Configuration > Device Management > Logging > Logging Setup and check mark the Enable logging option.

Then Choose Configuration > Device Management > Logging > Syslog Servers and click Add to add a syslog server. Here we use 5341 UDP port.

We finish configuration on Cisco ASA. Now we can move to graylog server to create input to receive logs. Message inputs are the Graylog parts responsible for accepting log messages.

There are many inputs that support graylog and We will use SYSLOG UDP.

So login to graylog and go to System -> Inputs, choose syslog udp from the list and click on Launch new input

Then fill all required field as below and click Save:

Click “Show received messages” to look at logs:

That’s all. I hope, this article was helpful for you and You can look at other articles about graylog from here Graylog log management

LEAVE A REPLY

Please enter your comment!
Please enter your name here