Cisco Duo Log Sync (DLS)

Duologsync (DLS) is a utility written by Duo Security that supports fetching logs from Duo endpoints and ingesting them to different SIEMs.

Logging:

A logging filepath can be specified in config.yml. By default, logs will be stored under the /tmp folder with name duologsync.log.

These logs are only application/system logs and not the actual logs retrieved from Duo endpoints.

System Requirements:

Duo Log Sync must run a system set to the UTC/GMT Timezone.

Installation:

▪ Make sure you are running Python 3+:

▪ Clone this GitHub repository and navigate to the duo_log_sync folder:

▪ Ensure you have "setuptools";

▪ Install duologsync:

▪ Go to duo_log_sync folder and create a config.yml file:

▪ Edit config.yml file:

▪ Run the application: