Graylog Content Pack for Cisco ISE
This extractor will properly parse messages from Cisco ISE.
This extractor is limited to Logging Categories of Failed Attempts and Passed Authentications at the moment. It is a work in progress and I welcome others to contribute. I will add more as I get time.
== Requirements ==
Spawn UDP (or TCP) inputs on your desired port and import the extractors.
== Caveats ==
The Source Extractor will need to be updated to your companies standard.