FMC Syslog with Graylog Extractor

Let’s continue talking about the Cisco Firepower Management Center. In this post we are going to look at sending connection events over to syslog. In this example I’m using Graylog, an open source logging platform; although any syslog server would work, one of the problems with syslog is that there is little uniformity in the messages when different systems send logs. One of the things Graylog can do is extract the raw message and put each part of the message into a separate searchable field. We’ll configure the FMC to send syslogs and then configure an extractor on Graylog.

Install RSYSLOG & LogAnalyzer on CentOS 6.5

I am looking at rsyslog, which is a fast syslog system, and LogAnalyzer as a front-end web GUI for those logs. The LogAnalyzer application offers searching of various syslogs, and all of it is open source and available to download. In this guide I will go through the steps to get these two applications working together, and by the end of this tutorial we should have a working syslog system ready to take logs! The operating system I am using is the latest CentOS 6.5 minimal. Let’s get started.