Syslog messages across TP-Link devices
Dear all, and an (almost) Happy New Year to you all,
I can see variations of this question have been asked over the years, with little response from the developers.
Link many I have a varied collection of devices which have come to me both through direct purchase (3x EAP225) and second-hand purchases, a pair of T1600G switches, coupled with items from other suppliers including a Dell switch and HP server and workstation. I am currently working on aggregating my logging and visibility of services and network usage, but am struggling with the sheer unpredictability of the Syslog messaging coming from the TP-Link devices.
While I will struggle on using REGEX and possibly GROK, it would be helpful if TP-Link could possibly supply some better wisdom as to the messages being sent by their devices, and any detail of existing patterns and outcomes. Businesse are constantly seeking to aggregate this kind of material to ensure better security - a lack of consistency is a nightmare.
Any help gratefully appreciated.