Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1427
Views
0
Helpful
6
Replies

CPI Alarms and Syslog

Go to solution
nwittenberg
Level 4
Level 4

‎11-29-2017 10:15 AM - edited ‎07-05-2021 07:55 AM

I want to send all alarms in CPI to a Splunk server via syslog.  Is that possible?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
nwittenberg
Level 4
Level 4
In response to Scott Fella

‎12-10-2017 11:05 AM

I probably should have mentioned this is for wIPS alarms which I think all get sent via NMSP to the controller which then does the crunching of the information which is then sent to PI as SNMP traps.

 

We found a way for Splunk to handle SNMP traps so we are sending the alarms from PI.

 

Thanks all for chiming in.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Flavio Miranda
VIP
VIP

‎11-29-2017 10:58 AM

Hi @nwittenberg

 

 It is possible. 

In "Administration / Settings / System Settings" you can go to "Notification Policies"

You can define "Conditions", "Devices Group" and "Destination". Destination can be email address or "Northbound  Trap Receiver" and here you can point to a third party device. 

 

-If I helped you somehow, please, rate it as useful.-

0 Helpful

Go to solution
nwittenberg
Level 4
Level 4
In response to Flavio Miranda

‎11-29-2017 11:53 AM

But no syslog?
0 Helpful

Go to solution
Flavio Miranda
VIP
VIP
In response to nwittenberg

‎11-29-2017 03:02 PM

Syslog you can follow this steps:

 

Step 1 Select Administration > Settings > System Settings, then choose Mail and Notification > Change Audit Notification.
Step 2 Select the Enable Change Audit Notification check box to enable notifications.
Step 3 If you want to send the messages to specific syslog receivers:
Click the Add button (+) to specify a syslog receiver.
In the Syslog Receivers area, enter the IP address, protocol, and port number of the syslog receiver.
You can repeat these steps as needed to specify additional syslog receivers.
Step 4 Click Save.

 

-If I helped you somehow, please, rate it as useful.-

0 Helpful

Go to solution
nwittenberg
Level 4
Level 4
In response to Flavio Miranda

‎11-30-2017 11:58 AM

That’s just for changed configs. I don’t see that capability under Alarms and Events. I am guessing it is not possible.
0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to nwittenberg

‎12-04-2017 09:58 AM

nwittenberg,
Why not just define the syslog from the controller and only use PI for the traps?
-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
nwittenberg
Level 4
Level 4
In response to Scott Fella

‎12-10-2017 11:05 AM

I probably should have mentioned this is for wIPS alarms which I think all get sent via NMSP to the controller which then does the crunching of the information which is then sent to PI as SNMP traps.

 

We found a way for Splunk to handle SNMP traps so we are sending the alarms from PI.

 

Thanks all for chiming in.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card