Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cisco_ios does not support Timezone extraction #2554

Open
ehlo550 opened this issue Aug 12, 2024 · 1 comment
Open

cisco_ios does not support Timezone extraction #2554

ehlo550 opened this issue Aug 12, 2024 · 1 comment
Assignees
@rjha-splunk @cwadhwani-splunk

Comments

@ehlo550
Copy link
Contributor

ehlo550 commented Aug 12, 2024

What is the sc4s version ?
3.28.1

Is the issue related to the environment of the customer or Software related issue?
Software

Describe the bug
Cisco switches (cisco_ios) are able to send the timezone in the logs.
From what I understand those are parsed by the app-almost-syslog-cisco_syslog.conf parser.

There seems to be no date-parser configuration that includes an extraction of the timezone.

<188>35548: hostname: Aug  8 2024 20:10:00.001 CEST: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: username] [Source: 10.10.10.10] [localport: 22] [Reason: Login Authentication Failed] at 20:10:00 CEST Thu Aug 8 2024

I am wondering if this could be added.

Regards
Stefan
@cwadhwani-splunk cwadhwani-splunk self-assigned this Aug 14, 2024
@rjha-splunk rjha-splunk self-assigned this Aug 19, 2024
@rjha-splunk
Copy link
Collaborator

I am checking this, we will check if we need to change the date-time().

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rjha-splunk rjha-splunk

@cwadhwani-splunk cwadhwani-splunk

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ehlo550 @rjha-splunk @cwadhwani-splunk