Skip to content

Cisco Aironet

Cisco ucm

About

Cisco Aironet is a line of wireless access points and other wireless networking equipment produced by Cisco Systems. Aironet access points are designed to provide secure and reliable wireless connectivity for enterprise and commercial environments. They support various wireless protocols such as 802.11a, 802.11b, 802.11g, 802.11n, and 802.11ac, and can be used for both indoor and outdoor wireless networking applications.

Cisco Aironet access points come with advanced features such as Quality of Service (QoS) support, automatic channel selection, and support for multiple SSIDs. They also support centralized management and can be integrated with other Cisco networking equipment for easy deployment and management of wireless networks. Cisco Aironet access points are commonly used in corporate environments, healthcare, education, retail, and hospitality industries, as well as in public venues such as stadiums and airports.

Product Details

Vendor URL: Cisco Wireless product support

Product Type: Wireless

Product Tier: Tier II

Integration Method: Syslog

Integration URL: Cisco IOS Configuration Guide for Autonomous Cisco Aironet Access Points

Log Guide: Cisco IOS Configuration Guide for Autonomous Cisco Aironet Access Points

Parser Details

Log Format: Syslog

Expected Normalization Rate: 95%

Data Label: CISCO_AIRONET

UDM Fields (list of all UDM fields leveraged in the Parser):

Log File Field UDM Field
application principal.application
client_mac target.mac
host_ip principal.ip
hostname principal.hostname
mobile_mac target.mac
result metadata.product_event_type
security_result security_result
src_ip src.ip
src_mac src.mac
target_ip target.ip
target_mac target.mac
username target.user.userid

Product Event Types

Type Severity UDM Event Classification Alerting Enabled
Default GENERIC_EVENT

Log Sample

<158>Apr 24 20:04:48 10.0.0.1 REMOTE-WXC-LXXXXL: *webauthRedirect: Apr 24 20:04:48.477: %EMWEB-6-HTTP_REQ_BEGIN_ERR: http_parser.c:580 http request should begin with a character

Sample Parsing

metadata.event_timestamp"2023-04-24T20:04:48Z"
metadata.event_type"GENERIC_EVENT"
metadata.log_type"CISCO_AIRONET"
metadata.product_event_type"HTTP_REQ_BEGIN_ERR"
metadata.product_name"Aironet"
metadata.vendor_name"CISCO"
principal.application"webauthRedirect"
principal.hostname"REMOTE-WXC-LXXXXL"
principal.ip[0]"10.0.0.1"
security_result[0].action_details"HTTP_REQ_BEGIN_ERR"
security_result[0].severity"INFORMATIONAL"
security_result[0].severity_details"6"
security_result[0].summary"http_parser.c:580 http request should begin with a character"