
Cisco Logs Analyzer


Cisco routers, switches, and firewalls are among the most commonly used network devices in the market. Routers and switches discover the best routes for data packets to travel through networks, whereas firewalls and IDS/IPS devices filter and inspect these packets for malicious content, providing network security. Failing to monitor and analyze these devices can disrupt communication and security.

Advantages of Cisco network analysis

Analyzing your Cisco logs allows you to:

  • Track logon activity to discover any authentication errors.
  • Ensure that devices are configured properly to avoid configuration errors.
  • Examine all router and switch connections (including those denied) to identify the most frequently used source and destination devices.
  • Break down details about traffic passing through devices based on protocol (e.g., TCP, UDP, and ICMP).
  • Analyze port usage on your devices to act quickly if any issue is detected.
  • Examine all system events of concern and identify the devices requiring immediate attention.
  • Discover traffic flow errors to mitigate the most frequently occurring errors.

Cisco management with EventLog Analyzer’s syslog server

With a Cisco syslog server like EventLog Analyzer, you can simplify your Cisco network monitoring and analysis.

EventLog Analyzer's built-in Cisco syslog server provides the following features:

  1. Prepackaged reports detailing router and switch activity help you intuitively visualize your data as an interactive dashboard.
  2. Trend reports discover patterns in your data, while top N reports reveal the people and devices most frequently responsible for certain events.
  3. Easily switch from viewing reports to plaintext log information.
  4. Customizable, real-time alerts eliminate the need for manual report surveillance.
  5. Powerful forensics allows you to easily find the logs you need.

How to configure Cisco devices in EventLog Analyzer

  1. Log in to EventLog Analyzer.
  2. Click the +Add button in the top-right corner, then select Devices from the drop-down.
  3. Navigate to the Syslog Devices tab and click the +Add Device(s) button.
  4. Enter the IP addresses of the Cisco devices in your network and click Add.
  5. You can also set alerts and generate reports for these devices using the Alerts and Reports tabs.


This solution aids with Cisco log monitoring in the following areas:

  • Cisco router monitoring: Monitor Cisco router syslogs for information on logins, configuration changes, connection details, traffic details, and system events.
  • Cisco switch monitoring: Monitor switch activities such as traffic information and system events.
  • Cisco firewall monitoring: Monitor firewall traffic, account changes, logons, threat information, and more for Cisco ASA and Cisco PIX devices.
  • Cisco VPN monitoring: Monitor remote VPN logins and VPN user information for Cisco ASA devices.
  • Cisco IDS/IPS monitoring: Monitor attack information, identify frequently targeted devices, and more.

Router Logon Reports

  • Audit all successful router logons.
  • Obtain details on SSH and VPN logons.
  • View all VPN authentication and authorization errors.
  • View successful and failed logons categorized by device, user, and remote device.
  • Identify patterns or anomalies by looking at logon trends.

Available Reports

Logons | Failed logons | Bad authentication | SSH logons | Failed SSH logons | Closed SSH sessions | Failed VPN logons | VPN authorization errors | Top logons based on device | Top logons based on user | Top logons based on remote device | Top failed logons based on device | Top failed logons based on user | Top failed logons based on remote device | Top VPN authentication errors based on interface | Top VPN authentication errors based on user | Top VPN authorization errors based on interface | Top VPN authorization errors based on user | Top SSH logons based on remote device | Top SSH logons based on user | Top failed SSH logons based on remote device | Top failed SSH logons based on user | Logon trends | Failed logon trends

Router Configuration Reports

  • View details on all uplinks and downlinks.
  • Track all configuration and link state changes.
  • Identify all link errors, including a list of those occurring most frequently.
  • View top configuration changes classified by user and remote device.

Available Reports

Reports on uplinks | Reports on downlinks | Reports on uplinks and downlinks | Link state changes | Configuration changes | System restarts | Link errors | Top state changes | Top configuration changes | Top configuration changes based on user | Top configuration changes based on remote device | Top link errors

Router Connection Reports

  • View details on all connections accepted and denied by your routers, categorized by source, destination, and protocol.
  • View trend reports for all router connections.

Available Reports

Successful connection authorizations | Top connections based on source | Top connections based on destination | Top connections based on protocol | Successful connection authorization trends | Denied connections | Top denied connections based on source | Top denied connections based on destination | Top denied connections based on protocol | Denied connection trends

Router Traffic Report by Protocol

Available Reports

TCP traffic audit | UDP traffic audit | ICMP traffic audit | Traffic audit overview | Top TCP traffic audit based on source | Top UDP traffic audit based on source | Top ICMP traffic audit based on source | Top traffic audit based on source

Router and Switch System Events

  • Track critical system events related to the router interfaces, fans, memory, clocks, ports, and power supply.

Available Reports

Commands executed | Interface up | Interface down due to link failure | Individual port down | Fan failed | Fan status ok | Report on power supply | Memory allocation failure | System clock updates | Report on power supply scheduled | System temperature exceeded | System shutdown due to temperature | Interface down suspended by speed

Router Traffic Errors

  • Identify communication errors, such as those related to the transfer of data fragments or address resolution protocol (ARP) requests.

Available Reports

Too many fragments | Invalid fragment length | Overlapped fragments | DHCP snooping denied | Permitted ARP | Denied ARPs

Track activity happening in your Cisco devices.

 

EventLog Analyzer Trusted By

  • Los Alamos National Bank
  • Michigan State University
  • Panasonic
  • Comcast
  • Oklahoma State University
  • IBM
  • Accenture
  • Bank of America
  • Infosys
  • Ernst Young

Customer Speaks

  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing I like about the application is the well-structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • Windows Event logs and device Syslogs are a real-time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank

A Single Pane of Glass for Comprehensive Log Management