cisco

Source from Cisco 3750 switch appears as name of the month (?) in Graylog 6.0

Bartosz Maciejewski

Jun 10, 2024 — 1 min read

I've just installed a new SIEM based on Graylog 6.0 to collect all my logs from my home network. Both my APs and TrueNAS send logs over UDP just fine.

After adding my switch - Cisco Catalyst 3750-X - I noticed that the logs were being collected by source name was odd - ".jun" which appears as the name of the month as I'm actually writing this post in June.

It turns out that even if the switch has hostname set up, it won't be sent to remote syslog if "logging origin-id" is not set.

After setting it:

logging origin-id hostname

The correct hostname has been sent to Graylog:

And after a while, the old "hostname" disappeared, leaving everything as it should be:

Other options to set are:

 hostname  Use origin hostname as ID
  ip        Use origin IP address as ID
  ipv6      Use origin IPv6 address as ID
  string    Define a unique text string as ID

Source from Cisco 3750 switch appears as name of the month (?) in Graylog 6.0

Bartosz Maciejewski

Read more

Change Alexa location for weather alerts.

The ultimate solution for controlling everything with this smart switch!

Fun with smart knob TS004F (TuYa ERS-10TZBVK-AA) in Home Assistant

My simple, yet powerfull irrigation solution with Home Assistant, Zigbee valve and moisture sensor