Cisco routers, switches, and firewalls are among the most commonly used network devices in the market. Routers and switches discover the best routes for data packets to travel through networks, whereas firewalls and IDS/IPS devices filter and inspect these packets for malicious content, providing network security. Failing to monitor and analyze these devices can disrupt communication and security.
Advantages of Cisco network analysis
Analyzing your Cisco logs allows you to:
- Track logon activity to discover any authentication errors.
- Ensure that devices are configured properly to avoid configuration errors.
- Examine all router and switch connections (including those denied) to identify the most frequently used source and destination devices.
- Break down details about traffic passing through devices based on protocol (e.g., TCP, UDP, and ICMP).
- Analyze port usage on your devices to act quickly if any issue is detected.
- Examine all system events of concern and identify the devices requiring immediate attention.
- Discover traffic flow errors to mitigate the most frequently occurring errors.
Cisco management with EventLog Analyzer’s syslog server
With a Cisco syslog server like EventLog Analyzer, you can simplify your Cisco network monitoring and analysis.
EventLog Analyzer's built-in Cisco syslog server provides the following features:
- Prepackaged reports detailing router and switch activity help you intuitively visualize your data as an interactive dashboard.
- Trend reports discover patterns in your data, while top N reports reveal the people and devices most frequently responsible for certain events.
- Easily switch from viewing reports to plaintext log information.
- Customizable, real-time alerts eliminate the need for manual report surveillance.
- Powerful forensics allows you to easily find the logs you need.
How to configure Cisco devices in EventLog Analyzer
- Log in to EventLog Analyzer.
- Click the +Add button in the top-right corner, then select Devices from the drop-down.
- Navigate to the Syslog Devices tab and click the +Add Device(s) button.
- Enter the IP addresses of the Cisco devices in your network and click Add.
- You can also set alerts and generate reports for these devices using the Alerts and Reports tabs.
This solution aids with Cisco log monitoring in the following areas:
- Cisco router monitoring: Monitor Cisco router syslogs for information on logins, configuration changes, connection details, traffic details, and system events.
- Cisco switch monitoring: Monitor switch activities such as traffic information and system events.
- Cisco firewall monitoring: Monitor firewall traffic, account changes, logons, threat information, and more for Cisco ASA and Cisco PIX devices.
- Cisco VPN monitoring: Monitor remote VPN logins and VPN user information for Cisco ASA devices.
- Cisco IDS/IPS monitoring: Monitor attack information, identify frequently targeted devices, and more.
Router Logon Reports
- Audit all successful router logons.
- Obtain details on SSH and VPN logons.
- View all VPN authentication and authorization errors.
- View successful and failed logons categorized by device, user, and remote device.
- Identify patterns or anomalies by looking at logon trends.
Available Reports
Logons | Failed logons | Bad authentication | SSH logons | Failed SSH logons | Closed SSH sessions | Failed VPN logons | VPN authorization errors | Top logons based on device | Top logons based on user | Top logons based on remote device | Top failed logons based on device | Top failed logons based on user | Top failed logons based on remote device | Top VPN authentication errors based on interface | Top VPN authentication errors based on user | Top VPN authorization errors based on interface | Top VPN authorization errors based on user | Top SSH logons based on remote device | Top SSH logons based on user | Top failed SSH logons based on remote device | Top failed SSH logons based on user | Logon trends | Failed logon trends
Router Configuration Reports
- View details on all uplinks and downlinks.
- Track all configuration and link state changes.
- Identify all link errors, including a list of those occurring most frequently.
- View top configuration changes classified by user and remote device.
Available Reports
Reports on uplinks | Reports on downlinks | Reports on uplinks and downlinks | Link state changes | Configuration changes | System restarts | Link errors | Top state changes | Top configuration changes | Top configuration changes based on user | Top configuration changes based on remote device | Top link errors
Router Connection Reports
- View details on all connections accepted and denied by your routers.
- Connections are categorized by source, destination, and protocol.
- Trend reports are also available for all router connections.
Available Reports
Successful connection authorizations | Top connections based on source | Top connections based on destination | Top connections based on protocol | Successful connection authorization trends | Denied connections | Top denied connections based on source | Top denied connections based on destination | Top denied connections based on protocol | Denied connection trends
Router Traffic Report by Protocol
- Audit all TCP, UDP, and ICMP traffic passing through your routers.
- Identify sources generating the highest amounts of TCP, UDP, and ICMP traffic.
Available Reports
TCP traffic audit | UDP traffic audit | ICMP traffic audit | Traffic audit overview | Top TCP traffic audit based on source | Top UDP traffic audit based on source | Top ICMP traffic audit based on source | Top traffic audit based on source
Router and Switch System Events
- Track critical system events related to the router interfaces, fans, memory, clocks, ports, and power supply.
Available Reports
Commands executed | Interface up | Interface down due to link failure | Individual port down | Fan failed | Fan status ok | Report on power supply | Memory allocation failure | System clock updates | Report on power supply scheduled | System temperature exceeded | System shutdown due to temperature | Interface down suspended by speed
Router Traffic Errors
- Identify communication errors, such as those related to the transfer of data fragments or address resolution protocol (ARP) requests.
Available Reports
Too many fragments | Invalid fragment length | Overlapped fragments | DHCP snooping denied | Permitted ARP | Denied ARPs