Ubiquiti TOUGHSwitch PoE
When you configure Ubiquiti TOUGHSwitch PoE to send log data to Sheriff CSM, you can use the Ubiquiti TOUGHSwitch PoE plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin: Plugin Information| Device | Details |
|---|---|
| Vendor | Ubiquiti Networks |
| Device Type | Router/Switch |
| Connection Type | Syslog |
| Data Source Name | Ubiquiti TOUGHSwitch PoE |
| Data Source ID | 1895 |
Integrating Ubiquiti TOUGHSwitch PoE
Before you configure the Ubiquiti TOUGHSwitch PoE integration, you must have the IP Address of the Sheriff CSM Sensor (Deputy). The Ubiquiti integration involves configuring rsyslog to read log messages from a file and redirect the output to Sheriff CSM. To configure Ubiquiti TOUGHSwitch PoE to send Syslog messages to Sheriff CSM- Log in to the Ubiquiti TOUGHSwitch web interface.
-
On the Device tab, go to Services.
- Enable the System Log option.
This option enables the registration routine of system log (syslog) messages. By default it is disabled.
- Enable the Remote Log option.
This option enables the syslog remote sending function where system log messages are sent to a remote server.
-
Specify the following entries to define the location of the remote server where log messages are sent:
- Remote Log IP Address: Enter the Sheriff CSM IP Address.
- Remote Log Port: Enter 514.
