Maybe someone can help me with this. I followed the instructions and changed my sourcetype to syslog since I do not have any sourcetype built for cisco:ios. I have yet to see any data even though I have tons of data coming in. Can anyone please help me figure out what I'm currently doing wrong?
Any and all help is appreciated
--Pierré
Hi,
Hi,
It started to pick up information in the sourcetype=cisco:ios. I think I figured out the issue. I thought that there was no add-on due to only reading the title. I have added the add-on and that fixed it. Thanks for responding to me so quickly Mike.
Great! No problem 🙂 I'd be happy if you could give the app and add-on a rating after you've tried them out for a while 🙂
It looks like it started to pull data after I restarted the splunk search head. It apparently only see's port flappings but not unique devices and other issues that are probably being reported by my cisco devices.