Documentation Center
AlienVault® USM Anywhere™

Avaya VSP Switch

When you configure the Avaya VSP Switch integration to send log data to USM Anywhere, you can use the Avaya VSP Switch plugin to translate the raw log data into normalized events for analysis.

Device Details
Device vendor Avaya
Device type Switch
Connection type Syslog
Vendor link https://downloads.avaya.com/css/P8/documents/100180474

Avaya VSP Integration

Before you configure the integration, you must have the IP Address of the USM AnywhereUSM Appliance Sensor.

To configure Avaya VSP to send log data to USM Anywhere

  1. Enable the system log:

    syslog enable

  2. Specify the IP header in syslog packets:

    syslog ip-header-type <circuitless-ip|default|management- virtual-ip>

  3. Configure the maximum number of syslog hosts:

    syslog max-hosts <1-10>

  4. Create the syslog host:

    syslog host <1-10>

  5. Configure the IP address for the syslog host:

    syslog host <1-10> address WORD <0–46>

  6. Enable the syslog host:

    syslog host <1-10> enable

    Configure optional syslog host parameters by using the variables in the following variable definition tables.

  7. View the configuration to ensure it is correct:

    show syslog [host <1–10>]

Plugin Enablement

For plugin enablement information, see Manual Plugin Management.

Plugin Fields

The following plugin fields are important attributes extracted from the syslog message. USM Anywhere reports use these fields, and you can also reference them when creating custom reports. In addition to reporting, the USM Anywhere correlation rules make use of these fields.

  • application_protocol

  • customfield_0

  • customfield_1

  • customfield_2

  • customfield_3

  • customfield_4

  • customfield_5

  • customheader_0

  • customheader_1

  • customheader_2

  • customheader_3

  • customheader_4

  • customheader_5

  • event_action

  • event_description

  • event_name

  • event_severity

  • source_address

  • timestamp_occurred

Troubleshooting

For troubleshooting, refer to the vendor documentation:

https://downloads.avaya.com/css/P8/documents/100162409