Network Management

last person joined: 5 hours ago 

Keep an informative eye on your network with IMC and Airwave network management solutions.
Expand all | Collapse all

Airwave-Splunk integration

  • 1.  Airwave-Splunk integration

    Posted Sep 30, 2015 05:19 AM

    Hello,

     

    We are trying to get information from our Airwave AMPs to Splunk, so we can index them in specific way (as we do with CPPM data). To begin with, but not limited to, we are trying to get info on:

     

    • Devices Down
    • RAPIDS IDS Events
    • Syslog messages from both AMP and network devices

    Does anyone know of any documentation describing/explaining this, from either Aruba or Splunk? Thanks in advance.

     

    Regards,

    Nebojsa



  • 2.  RE: Airwave-Splunk integration

    Posted Nov 06, 2015 09:06 AM

    Hello,

     

    I would also like to know if this can be done.

     

    Please pass on the information if you hear.

     

    Thank you

     



  • 3.  RE: Airwave-Splunk integration

    Posted Nov 06, 2015 09:17 AM
    You can configure Airwave to send to an external syslog from the AMP Setup -> General page (at the bottom).
    I suggest first enable it and see what you get. If it does not suit your needs, submit a feature request here
    https://arubanetworkskb.secure.force.com/prm/ideas/ideaList.apexp
    or through your SE


  • 4.  RE: Airwave-Splunk integration

    Posted Nov 14, 2015 12:01 PM

    Hi Pasquale,

     

    Thanks on your reply, and suggestion. We (well, my now ex-employer) have already tried it but neither "Up/Down" or "RAPIDS" events were not coming through. 

     

     

    Regards,

    Nebojsa



  • 5.  RE: Airwave-Splunk integration

    Posted Nov 16, 2015 08:12 AM
    I suggest then to speak to TAC or to your Aruba account manager.

    There may be ways to get the information through snmp-traps or other but speak to them to see what your options are.

    If a feature request is required, your account team can push it forward.