Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
240
Views
1
Helpful
1
Replies

CISCO Logs for cybersecurity

revalako1
Level 1
Level 1

‎01-11-2025 06:11 AM

Hello Everyone. Can anyone guide me on how to get well versed with Logs from Cisco WLC and Cisco FTD. I want to reach a stage where I build threat detection rules on this logs. Any guidance is appreciated.

10.0.0.0.1 192.168.1.254
Labels:
0 Helpful
1 Reply 1

ammahend
VIP Alumni
VIP Alumni

‎01-11-2025 07:01 AM - edited ‎01-11-2025 07:03 AM

For the WLC (wireless) logs are retrieved from various sources like SNMP polling, streaming telemetry, netconf, syslog, netflow and local system logs etc. the good thing is you can use something like a catalyst center to consume these logs and spit out relevant alarms and assurance data, it also has built in wireless intrusion prevention system, which can flag a number of wireless based attacks like deauth flood, honeypot, rouges and many more. I would recommend to start with explore Catalyst center and other logging options listed above, you can also explore wips signatures 

-hope this helps-
Customers Also Viewed These Support Documents