Skip to content

Cisco Unified Computing System

Cisco ucs


Cisco Unified Computing System (UCS) is a data center server computer product line composed of server hardware, virtualization support, switching fabric, and management software, introduced in 2009 by Cisco Systems. The products are marketed for scalability by integrating many components of a data center that can be managed as a single unit.

Product Details

Vendor URL: Cisco Servers – Unified Computing System (UCS) - Cisco

Product Type: OS

Product Tier: Tier III

Integration Method: Syslog

Integration URL: Set up Syslog for Cisco UCS

Log Guide: Introduction to Syslog Messages - Cisco

Parser Details

Log Format: Syslog

Expected Normalization Rate: 75%

Data Label: CISCO_UCS

UDM Fields (list of all UDM fields leveraged in the Parser):

Log File Field UDM Field
ADAPTOR additional.fields
AUTHTYPE_UNSPECIFIED extensions.auth.type
BLADE additional.fields
CHASSIS additional.fields
description metadata.description
dst target.hostname
dst target.ip
dst_domain target.administrative_domain
FABRIC additional.fields
HOST_ETH additional.fields
PATH additional.fields
product metadata.product_name
product_event metadata.product_event_type
sec_description security_result.description
src principal.hostname
src principal.ip
src_domain principal.administrative_domain
Statically Defined metadata.event_type
severity security_result.severity
summary security_result.summary
suser principal.user.userid
vendor metadata.vendor_name
version metadata.product_version
VIF additional.fields

Product Event Types

Type Severity UDM Event Classification Alerting Enabled
Authentication USER_LOGIN

Log Sample

<187>: 2022 Feb 23 20:05:42 CST: %UCSM-3-EVENT: External malformed xml event, Error: [no class named computePersonality], Received from host []

Sample Parsing

metadata.event_timestamp = "2022-02-23T20:05:42Z"
metadata.event_type = "GENERIC_EVENT"
metadata.vendor_name = "Cisco"
metadata.product_version = "UCS"
metadata.product_event_type = "UCSM-3-EVENT"
metadata.description = "External malformed xml event, Error: [no class named computePersonality], Received from host []"
metadata.ingested_timestamp = "2022-02-24T02:08:23.941588Z"
principal.ip = ""
principal.asset.ip = ""
security_result.severity = "ERROR"

Parser Alerting

This product currently does not have any Parser-based Alerting


Coming Soon