Document toolboxDocument toolbox

ap.cisco

Introduction

The tags beginning with ap.cisco identify events generated by access point devices belonging to Cisco.

Valid tags and data tables 

The full tag must have 3 levels. The first two are fixed as ap.cisco. The third level identifies the type of events sent.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

Cisco Wireless LAN Controller

ap.cisco.wlc 

ap.cisco.wlc 

For more information, read more about Devo tags.

How is the data sent to Devo?

Logs generated by Cisco must be sent to the Devo platform via the Devo Relay to secure communication. See the required relay rule below:

  • Source port - Any available port

  • Target tag - ap.cisco.wlc

  • Sent without syslog tag - ✓

 

No 3rd-party mechanism is used. No collector is needed.

Table structure

These are the fields displayed in this table:

ap.cisco.wlc

Field

Type

Source field name

Extra fields

Field

Type

Source field name

Extra fields

eventdate

timestamp

 

 

machine

str

vmachine

 

level

str

vlevel

 

syslogFacility

str

embFacility

 

apName

str

 

 

task

str

 

 

serverdate

str

 

 

facility

str

 

 

priority

int4

 

 

mnemonic

str

 

 

message

str

 

 

rawMessage

str

 

✓

hostchain

str

 

✓

tag

str

 

✓

Â