Announcement

Collapse
No announcement yet.

Cisco IOS Support

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Cisco IOS Support

    Blade, I'd like to use the plugin to mintor traffic through my Cisco 2800 router. I've tried running your RouterLogger.exe and get no results. It doesn't log anything at all. However, I know I'm getting syslog information as I can see traffic using wireshark (and I log syslog events using UltraLog too).

    Is your tool set to receive all traffic on UDP port 514?
    Last edited by beerygaz; May 12, 2010, 02:49 AM. Reason: typos
    Author of Highpeak Plugins | SMS-Gateway Plugin | Blue Iris Plugin | Paradox (Beta) Plugin | Modbus Plugin | Yamaha Plugin

    #2
    The RouterLogger should allow you to enter the port and the address of where the syslog is logging.
    Cheers,
    Bob
    Web site | Help Desk | Feature Requests | Message Board

    Comment


      #3
      Nope, it allows me to set the port, but the "Receiving IP Address" field is greyed out and I can't enter anything in there. Also, the log file never seems to be created (or if it is I can't find it on my filesystem anywehre). Any suggestions Bob?
      Author of Highpeak Plugins | SMS-Gateway Plugin | Blue Iris Plugin | Paradox (Beta) Plugin | Modbus Plugin | Yamaha Plugin

      Comment


        #4
        Yes... It assumes the Router Logger app is running on the pc where the router log is being forwarded
        Cheers,
        Bob
        Web site | Help Desk | Feature Requests | Message Board

        Comment


          #5
          Which is exactly what I'm doing. I'm running the router logger application on the machine that my router is sending its logs to. If I run UltraLog it receives syslog messages and puts them in its database. If I run WireShark I can see UDP packets on port 514 being sent to the logging machine. But when I run your application, (with no other apps runing, so it's not like the port it in use or anything) I get nothing.

          The machine is running Vista Ultimate (SP2)
          Author of Highpeak Plugins | SMS-Gateway Plugin | Blue Iris Plugin | Paradox (Beta) Plugin | Modbus Plugin | Yamaha Plugin

          Comment


            #6
            That is strange. I have had lots of people run it and send me the log output.
            Have you tried running it in compatibility mode with XP?
            Cheers,
            Bob
            Web site | Help Desk | Feature Requests | Message Board

            Comment


              #7
              Still no joy, and even tried it on another machine (And reidrected my logging). Here's a WireShark packet capture, run on the same machine, on port 514, to show I'm actually getting syslog messages, even though router logger doesn't see any.
              Attached Files
              Author of Highpeak Plugins | SMS-Gateway Plugin | Blue Iris Plugin | Paradox (Beta) Plugin | Modbus Plugin | Yamaha Plugin

              Comment


                #8
                I am afraid that will not work because I need to raw packet from the router and this has been formatted.
                Cheers,
                Bob
                Web site | Help Desk | Feature Requests | Message Board

                Comment


                  #9
                  Does this mean this plugin doesn't work with Cisco 18xx, 28xx and other routers? (does the 837 send different syslogs?)

                  DJ

                  Comment


                    #10
                    Originally posted by DJF3 View Post
                    Does this mean this plugin doesn't work with Cisco 18xx, 28xx and other routers? (does the 837 send different syslogs?)

                    DJ
                    I'm also interested on using this for my cisco 1800, will it work?

                    Comment


                      #11
                      The problem is twofold

                      1. Blade needs captures in his logging tool in order to analyze what data is available from the router so that he can modify his plugin to support that data

                      2. I've never been able to get the tool to actually log anything. So I can't send the data to Blade for analysis.

                      If anyone here can d/l Blade's router logger and get it to capture syslog output from an IOS router then we'll be closer to a solution I think.

                      I'd happily pay a premium for this plugin if it could report on my router status, as right now I'm hack together snmp queries to try and get some data.
                      Author of Highpeak Plugins | SMS-Gateway Plugin | Blue Iris Plugin | Paradox (Beta) Plugin | Modbus Plugin | Yamaha Plugin

                      Comment


                        #12
                        Great plugin but I have the same issue, the log is not capturing any info. Maybe Blade can figure out something else in the future.

                        Comment


                          #13
                          Bump. Bob - any development on this plugin recently that might help us Cisco users monitor our devices?
                          Author of Highpeak Plugins | SMS-Gateway Plugin | Blue Iris Plugin | Paradox (Beta) Plugin | Modbus Plugin | Yamaha Plugin

                          Comment


                            #14
                            You could grab router information through an SNMP script or through a Telnet script. I'm using an SNMP script to monitor my NAS but haven't tested it on my Cisco devices yet.


                            I also have a telnet script that connects to a router to execute commands. This could also be used to grab information from the router. Need to do more testing as right now it's pretty nasty code ;-)

                            DJ

                            Comment


                              #15
                              Bob, now that you've updated for HS3 could we try and revive the router monitor to capture Cisco IOS events?

                              I've tried the LogMonitor EXE again and I can't get it to receive any date from either a Cisco router or even a Linux box sending syslog events.
                              Author of Highpeak Plugins | SMS-Gateway Plugin | Blue Iris Plugin | Paradox (Beta) Plugin | Modbus Plugin | Yamaha Plugin

                              Comment

                              Working...
                              X