Cisco Switch index missing

[JoeDanser]

I have a cisco switch running IOS 15.0(2)SE8 sending syslog to TCP/1470. I have enable the Cisco Switch integration. the syslogs are only showing in the generic datasource and the is a application log error that the log-cisco-switch-* index was not found. running the latest version of UTMStack.

[c3s4rfred]

Hi, Joe, have you installed a windows or linux agent to receive the logs as the guide says?

Best regards

[JoeDanser]

I have the linux agent installed on the UTMStack server and ran the necessary config commands to enable the listeners Joe Dansereau CISSP, MCITP-EA Senior Systems Architect ***@***.******@***.***> ***@***.*** ? DPRA Inc 10215 Technology Dr Suite 201 Knoxville, TN 37932 Direct: 865-218-0107 | Mobile: 865-621-7152 Fax: 865-777-4010 From: Freddy R. Laffita Almaguer ***@***.***> Sent: Monday, July 29, 2024 8:48 AM To: utmstack/UTMStack ***@***.***> Cc: Joseph Dansereau ***@***.***>; Author ***@***.***> Subject: [External Email] Re: [utmstack/UTMStack] Cisco Switch index missing (Discussion #749) This message came from outside the organization. Do not click links or open attachments unless you know the content is safe. Hi, Joe, have you installed a windows or linux agent to receive the logs as the guide says? Best regards — Reply to this email directly, view it on GitHub<#749 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/BKEGIUCF7ZC7KVDKD47SFG3ZOY2WPAVCNFSM6AAAAABLRCLN5GVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTAMJXHE2DEMA>. You are receiving this because you authored the thread.Message ID: ***@***.******@***.***>>

[c3s4rfred]

Hi, @JoeDanser, if the logs are going to generic the issue is related to the logs format, please if you can, send us a text file with some logs examples from the message field that you are receiving in generic index, to make some tests locally and identify if the issue is related to the IOS 15.0(2)SE8 version.

Best regards