08-31-2015 10:39 AM
I can see the username field is filled in within the ClearPass TIPS UI, but that value is not being sent in the EndPoint logs.
- Why is it username and not user_name like it is in the other logs?
- What scenarios result in the CPPM_Endpoint_Profile log line being written? It seems to be creates and updates, but what causes an update it all the data is the same every
Solved! Go to Solution.
08-31-2015 10:42 AM
08-31-2015 10:51 AM
OK, that that covers when it occurs. That is helpful, since it explains why the wireless devies are updating all the time and the wired one rarely do.
So what needs to/can be done to get the username to actually populate in the logs sent out via syslog?
08-31-2015 10:53 AM
If you are trying to use that as a lookup, you would want to use the Splunk
SQL lookup add-in using the ClearPass appexternal account.
Tim Cappalli | Aruba ClearPass TME
@timcappalli | ACMX #367 / ACCX #480 / ACEAP / CWSP