02-04-2019 04:58 AM - edited 03-08-2019 05:30 PM
Hi everyone,
We are using DNA Center 1.2.6, and I’d like to know if there is a way to export internal DNAC logs to an external Syslog server ?
Thanks,
02-04-2019 05:10 AM
At this time, you can export the logs via Syslog. You can setup logging for devices and some events are reported to syslog.
To export the Logs from the Cisco DNA Center, you need to perform:
I hope this helps
T.
02-05-2019 06:01 AM
Thank you Tomas for your reply,
If I understand correctly, your propose a SYSLOG export via manual SCP.
What we need is an export of logs in real time, meaning that each time a log is generated on DNAC, the log is send automatically through SYSLOG protocol to an external server.
Is it possible ? If not possible through SYSLOG, how can we do that ?
Regards,
02-05-2019 07:00 AM
There are two separate things here:
Item#1 is sent directly to the Syslog Server. In addition, SNMP traps can also be sent from the connected\managed devices.
Item#2 is specific to services run on the Cisco DNAC and these have to be exported via another protocol like SCP. These are not syslog messages.
I hope this clarifies things
Regards
T.
02-08-2019 09:05 AM
Thank you one again,
For security purpose, we need to export several DNAC logs to an external SYSLOG server in real time (when a user connect or try to connect on DNAC, when a user change or try to change a configuration on DNAC, ...).
These logs are specific to DNAC, so I understand we will have to use SCP to regularly export these logs. Correct ? If yes, do you know if Cisco planned a syslog export feature in a next release ?
From a security point of view, DNAC is a sensitive tool, security monitoring become mandatory.
Regards
06-10-2019 07:46 AM
Hi All,
any updates on those questions about exporting log in DNAC externally in real time?
Many thanks,
CH
02-11-2020 05:58 AM
Hi, this is quite an important requirement from a customer POV. Essentially we need a mechanism to export (in real-time) at least the administrative audit event data for ingestion into a SIEM and log archive.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide