Integration with Cisco Firewpower Estreamer
Posted: Tue Nov 20, 2018 8:44 am
Has anyone done this? Cisco has an app for splunk but I'm not finding any information for NLS. Is there any documentation or anyone who has done this?
I'm not familiar with the device. Is it capable of sending to a syslog server? That's the most common method of getting log into NLS.
Reading the doc(https://www.cisco.com/c/en/us/td/docs/s ... nGuide.pdf) the method of pulling logs is a bit more involved than what the usual inputs(https://www.elastic.co/guide/en/logstas ... ugins.html) will handle. However if there were a third party client that could pull the logs and save them to another machine or even the NLS machine, we could then forward(via nxlog, syslog, etc...) them to the NLS machine or use the file(https://www.elastic.co/guide/en/logstas ... -file.html) input to get them into NLS's database.