Solved: vxWorks log ingestion - ASX1800

bsizemore · ‎10-10-2013

Has anyone here successfully ingested vxWorks alert log into Splunk?

I have a couple of Motorola OLT (AXS1800) devices that does not stream via syslog. vxWorks does have an ftp facility, presumably allowing up to get to the logs via an ftp session. I have yet to prove that.

Just wondering if anyone has dealt with this situation.

bsizemore · ‎07-02-2014

We resolved this issue by giving up. There was some hope for using an SNMP approach but that hasn't panned out.

View solution in original post

bsizemore · ‎07-02-2014

We resolved this issue by giving up. There was some hope for using an SNMP approach but that hasn't panned out.

bsizemore · ‎07-02-2014

The problem we saw with SNMP was that the SNMP app we started with. It was buggy and insufficient. I don't think it's impossible to do it for ourselves, but the value proposition wasn't there. We may revisit this. It's also possible that other teammates dealt with it, but hasn't come to my attention.

BTW, the engineer for the SNMP app was very responsive, but the app isn't his primary source of income. 🙂

sbrant_splunk · ‎07-02-2014

What didn't pan out about the SNMP approach? Were you planning to poll the device for information or configure it to send traps to a listener monitored by Splunk? ssh may be a possibility to.

vxWorks log ingestion - ASX1800

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases