- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Device can't be automatically added to CMDB
Hello team,
I have successfully configured our main L3 switches to send Syslog to our centralized Fortisiem log server, but with all of that done nothing was discovered by the CMDB.
Bellow the conf in the Cisco switch, the 64.55 is the IP address for the fortisiem.
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Taher11
Actually, when you send syslog to SIEM, you don't have to do discovery. it should automatically add it. I suggest you open tcpdump, you can check if the log is coming to SIEM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Exactly @adem_netsys , but nothing was seen as syslog from that particular switch when running tcpdump on the fortisiem.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In this case, we can say that syslog is not going to SIEM. If there is an FW in between, you need to check the permissions there.