Cisco
Cisco allows you to monitor and identify threats to your organization using Cisco data. Logpoint aggregates and normalizes the Cisco logs so you can analyze the information through dashboards. Cisco dashboards visualize event details for network, user authentication, intrusion prevention systems, email security, VPN, endpoint security, wireless and other Cisco collaboration solutions.
Release Details
Key Information
- When configuring the normalization policy, place specific normalization packages at the top of the policy, followed by generic normalization packages to prevent normalization issues. For example, while selecting a normalization package for Cisco PIXASA, select LP_Cisco PIXASA first and then select LP_Cisco_PIXASA_Generic, preserving their order.
- Activate the label packages to apply labels and group similar logs together. To learn how to activate the label package, go to Activating Labels Packages.
- The EmailParser should be configured in the device for using CiscoIronPortESGCompiledNormalizer.
Enhancement
| Description | Issue ID | Reference ID |
|---|---|---|
|
Cisco now includes CiscoIOSXECompiledNormalizer which normalizes some additional fields of Cisco Switch Logs. |
PLUG - 16750, SR - 489 |
90491 |
Past Releases
Cisco v5.6.0
Release Date: March 31, 2025
Download: Cisco_5.4.0.pak
SHA256: 6bf2876eaea990a5290b86f635cfbc7ce2aa52c8c23201ac14fb06894df9c4eb
Bug Fixes
| Description | Issue ID | Reference ID |
|---|---|---|
|
Some Cisco Firepower logs were not normalized by CiscoFirepowerNormalizer |
PLUG-13274, PLUG-13244, PLUG-16186 |
86208, 86076, 77731 |
|
The firewall’s hostname was not extracted by the Cisco normalizers.
|
PLUG-16128 |
78476 |
Cisco v5.5.0
Release Date: Oct 21, 2024
Download: Cisco_5.5.0.pak
SHA256: 3b50f25736a745a52cbf29175a1e163948500a1ca20f3cc691d848d0c3198f04
Enhancement
| Description | Issue ID | Reference ID |
|---|---|---|
| For Cisco Identity Services Engine (ISE), the authentication and status fields were not normalized. |
PLUG-11999 |
84859 |
Cisco v5.4.0
Release Date: April 26, 2024
Download: Cisco_5.4.0.pak
SHA256: 7ab055ab0d9a2e2430e9b55fa799b2f5b62bffa0b7541833a67d182f232d770d
Enhancement
| Description | Issue ID | Reference ID |
|---|---|---|
| Added Syslog Collector based Cisco and CiscoEmail log source templates, simplifying the log source configuration process. To learn more, go to Creating Log Source via a Template. |
KB-22622 |
- |
Support
If you have any queries or require assistance, create a support ticket.
Hi,
It says LogPoint v5.2 and later for Version 3.4.1.
But when I try to add it to logpoint version 6.5.3 it says, " only supported on 6.6.x".
Do you have one for version 6.x.x yet?
Best regards
Henrik Olsson