Dell Switch

About

Dell Networking Data Center Switches deliver the network performance modern workloads and virtualization environments demand between racks or data centers.

Product Details

Vendor URL: Dell PowerSwitch Data Center Switches - Networking

Product Type: Network Switch

Product Tier: Tier III

Integration Method: Syslog

Integration URL: How to Set Up and Manage Logging on a Switch | Dell US

Log Guide: How to Set Up and Manage Logging on a Switch | Dell US | Log Guide

Parser Details

Log Format: Syslog

Expected Normalization Rate: 90%

Data Label: DELL_SWITCH

UDM Fields (list of all UDM fields leveraged in the Parser):

Log File Field	UDM Field
action	security_result.action_details
Dell	metadata.vendor_name
description	metadata.description
interface	security_result.description
observer	observer.hostname
observer	observer.ip
observer_domain	observer.domain.name
product_event	metadata.product_event_type
product_log_id	metadata.product_log_id
rule_id	security_result.rule_id
rule_name	security_result.rule_name
Statically Defined	metadata.event_type
Statically Defined	metadata.event_type
summary	security_result.summary
Switch	metadata.product_name

Product Event Types

type,subtype	severity	UDM Event Classification	alerting enabled
Default		GENERIC_EVENT
login-event		USER_LOGIN

Log Sample

<189> JUN 23 18:57:00 10.10.10.13-2 TRAPMGR[123456789]: traputil.c(611) 359428 %% Link Down: 2/0/16

Sample Parsing

metadata.product_log_id = "123456789"
metadata.event_timestamp = "2022-06-23T18:57:00Z"
metadata.event_type = "GENERIC_EVENT"
metadata.vendor_name = "Dell"
metadata.product_name = "Switch"
metadata.product_event_type = "TRAPMGR"
metadata.description = "Link Down: 2/0/16"
observer.ip = "10.10.10.13"
security_result.rule_name = "traputil.c"
security_result.summary = "Link Down"
security_result.description = "2/0/16"
security_result.rule_id = "611"

Parser Alerting

This product currently does not have any Parser-based Alerting