Hi Mikael,
I'm currently facing an issue with Cisco IOS app : i've created UDP input (port 514) having cisco:ios sourcetype set.
Everything works fine for about 2 weeks, but then all logs from the search are getting reassigned with source /var/log/syslog-ng/syslog-ng.log and sourcetype syslog (default) instead of udp:514 and cisco:ios respectively.
This drops all the additional info provided by cisco ios app from the logs.
I have to disable and re-enable my udp input and then it works fine again for the same period of time.
Can you please give me a direction to troubleshoot this?
Regards,
Oleg.
... View more