Okay,I'm going to admit upfront that I'm a pretty pathetic system admin. I can collect around a Linux system, but up until now I've never really focused on logging, or so I basically know nothing approximately logging... We own a couple hundred Cisco devices ranging from 2900s to Nexus 7010s. We're currently not logging events anywhere. I'd like to fix this,but need to conclude so on the cheap. I own access to a VMware cluster, so I can create one or more VMs and disk space shouldn't be an issue... I've read approximately Graylog as well as various "ELK stack" logging solutions, and but I own absolutely no idea where to start,nor what is best for a "Cisco focused" solution. Both Graylog and ELK step-by-steps exist, but they all seem tailor-made to the sysadmin that knows what he's doing and what he's trying to accomplish. All I know is that I want to be able to easily search through logs collected from a bunch of Cisco devices... I'm hoping someone here can point me to something simple enough for my soft brain to handle. Is there a virtual machine appliance out there that's available that might already conclude all this? Anyone know of a good guide? Thanks in advance! submitted by Binky216 to networking[link][7 comments]
Source: reddit.com