It is necessary that the syslog messages are in Ciscos' EMBLEM format to get picked up by the Syslog Collector and be forwarded to the Syslog Ananlyzer process. Other vendors typically do not send syslog messages in this format (I do not know if any is doeing so...) Also some security devices from Cisco itself explicitely have to be configured to send syslogs in EMBLEM format.
You can use another syslog server which supports more message formats and let your devices send to both destinations.
You could use syslog-ng to write a generic mnemonic into the message and forward it to LMS.
syslog-ng->add fac-sev-mne: message->lms
However, I would also caution you that LMS is *not* meant to be a "syslog" manager - there are usually way to many syslog messages in most environments for it to handle that many - which is why most syslog managers are standalone servers.
In order to make sure that the NMS systems that syslog-ng forward messages to receive the correct source, syslog-ng needs to be compiled with the source spoof option. This will allow messages received on other NMS’s (such as LMS) to appear to come from the original devices rather than from the syslog-ng server.
Also, I would highly recommend you consider building a good syslog manager like LogZilla (mentioned in that whitpaper) as it is much more suitable for proactive analysis (charts, searching, email alerts, etc.).
There's a live demo of it running here and there's even a ready2run virtual machine on the main website so you could have it running in no time.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...