Security

Reply
Regular Contributor I
Posts: 279
Registered: ‎02-11-2013

ClearPass Guest + syslog filters

Hello,

 

I have read the userguide about Syslog Export Filters but I don't get any session data in my syslog.

 

I have configured a filter Session Logs - All requests but even if I connect to CPGuest with my user, there are no entries into my Syslog. I know that the Syslog is working because it gets info and debug message by CPPM.

 

Any idea ?

 

Thanks

 

Dimitri

Regular Contributor I
Posts: 279
Registered: ‎02-11-2013

Re: ClearPass Guest + syslog filters

[ Edited ]

Small update, here is what I got now in the Syslog :

 

10-01-2013 13:25:29 Local1.Warning 10.1.1.3 2013-10-01 13:25:39,201 [R:] WARN com.avenda.tips.syslog.SyslogManager - Syslog object could not be located for Radius Accounting All


10-01-2013 13:25:29 Local1.Warning 10.1.1.3 2013-10-01 13:25:39,198 [R:] WARN com.avenda.tips.syslogclient.SyslogTaskExecutor - No write task found for id 3004


10-01-2013 13:25:03 Local1.Warning 10.1.1.3 2013-10-01 13:25:13,659 [R:] WARN com.avenda.tips.syslogclient.SyslogTaskExecutor - Got task completion event for Unknown Task


10-01-2013 13:25:01 Local1.Warning 10.1.1.3 2013-10-01 13:25:11,350 [R:] WARN com.avenda.tips.syslog.SyslogManager - Syslog object could not be located for Radius Accounting All


10-01-2013 13:25:01 Local1.Warning 10.1.1.3 2013-10-01 13:25:11,344 [R:] WARN com.avenda.tips.syslogclient.SyslogTaskExecutor - No write task found for id 3004

 

10-01-201313:31:56Local1.Error10.1.1.32013-10-01 13:32:06,541 [main] ERROR RadiusServer.Radius - Processing SIGHUP signal received 0 sec ago

Regular Contributor I
Posts: 279
Registered: ‎02-11-2013

Re: ClearPass Guest + syslog filters

Now it's working, I have needed to use Guest Access Requests as Data Filter. But I still have a little issue :

 

10-01-201316:18:56Local1.Debug10.1.1.32013-10-01 16:18:55,477  10.1.0.3 Guest Access 3 1 0 RADIUS.Auth-Source=Local:localhost,RADIUS.Auth-Method=PAP,

 

In the syslog, I don't see all Columns which are specified in my filter. There are only the 2 firsts, Auth-Source and Auth-Method.

 

What I am doing wrong ? Syslog is Kiwi Syslog.

 

Thanks

Search Airheads
Showing results for 
Search instead for 
Did you mean: