Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7902
Views
0
Helpful
5
Replies

Collecting logs from Cisco Prime Infrastructure

Go to solution
nimz12345
Level 1
Level 1

‎11-11-2014 12:58 AM

Hi ,


I am currently working in integrating  Cisco Prime Infrastruture with the siem tool Qradar.

Can any one help me out in below issues:

1)How and where is the log stored in Cisco Prime.?

2)Does the logs contains the logs of the devices that Cisco Prime manages?

3)Is there any way to sent out the logs from Cisco Prime to a third party device.?

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
AFROJ AHMAD
Cisco Employee
Cisco Employee

‎11-11-2014 05:32 AM

Hi,

1)How and where is the log stored in Cisco Prime.?

/opt/CSCOlumnos/logs

2)Does the logs contains the logs of the devices that Cisco Prime manages?

AFAIK,

In the prime infrastructure Syslogs are directly read from udp port 514 and then filtered
, the non SEV1 and SEV2 syslogs will be dropped and will not be entered into db . The
syslog messages will not be saved into log files .

Till now PI support only SEV 0,1 and 2 syslog.

 

3)Is there any way to sent out the logs from Cisco Prime to a third party device.?

unfortunately , this feature is not there in PI so far.

 

Thanks-

Afroz

***Ratings Encourages Contributors ****

 

 

 

 

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****

View solution in original post

0 Helpful
5 Replies 5

Go to solution
AFROJ AHMAD
Cisco Employee
Cisco Employee

‎11-11-2014 05:32 AM

Hi,

1)How and where is the log stored in Cisco Prime.?

/opt/CSCOlumnos/logs

2)Does the logs contains the logs of the devices that Cisco Prime manages?

AFAIK,

In the prime infrastructure Syslogs are directly read from udp port 514 and then filtered
, the non SEV1 and SEV2 syslogs will be dropped and will not be entered into db . The
syslog messages will not be saved into log files .

Till now PI support only SEV 0,1 and 2 syslog.

 

3)Is there any way to sent out the logs from Cisco Prime to a third party device.?

unfortunately , this feature is not there in PI so far.

 

Thanks-

Afroz

***Ratings Encourages Contributors ****

 

 

 

 

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****
0 Helpful

Go to solution
nimz12345
Level 1
Level 1
In response to AFROJ AHMAD

‎11-11-2014 08:30 PM

Hi Afroz,

Can you please tell me if the logs in the location"/opt/CSCOlumnos/logs" contains the logs of the devices it manages?

0 Helpful

Go to solution
AFROJ AHMAD
Cisco Employee
Cisco Employee
In response to nimz12345

‎11-11-2014 08:37 PM

Hi ,

 

No ,these logs does not contain logs from the devices , these logs are the logs respective to inventory ,config archive etc..

 

Thanks-

Afroz

*****Ratings Encourages Contributors ****

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****
0 Helpful

Go to solution
nimz12345
Level 1
Level 1
In response to AFROJ AHMAD

‎11-11-2014 09:29 PM

Hi Afroz,

Thanks fro the information.

I have read that Prime Infrastructure logs all error, informational, and trace messages generated by all devices that are managed by Prime Infrastructure.Do you know where these  logs are saved?

0 Helpful

Go to solution
AFROJ AHMAD
Cisco Employee
Cisco Employee
In response to nimz12345

‎11-14-2014 08:25 AM

These logs are referring to same location shared before

/opt/CSCOlumnos/logs

 

Thanks-

Afroz

Thanks- Afroz [Do rate the useful post] ****Ratings Encourages Contributors ****
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card