Hello everybody,
I know there are some subjects talking about this but I didn't find one for my specific problem and after hours of changing log levels I'm starting to become crazy :smileysad:
For a customer who is using ClearPass as a solution for guest access, I would like, to comply with the french law, to log HTTP traffic and authentications. I created the firewall policy and added the 'log' parameter on the rule. I can see traffic logs on my syslog.
I also succedeed to get user authentications, but for every wlan. Is it possible to log only guest authentications ?
The biggest problem is, I also get too many info in my logs, about rogue APs, etc and I'm lost with categories and processes...
So my question is : What is the best config to get guest traffic and authentications to my syslog ? I only need that.
Thanks in advance.
Regards.