Controllerless Networks

dear 
     i want to sent blacklist log of user-role to syslog server，what should I do?
like the example ：
    ip access-list session test
        user any udp 68 deny log blacklist 
is it right to do ?



------------------------------
leo ma
------------------------------

Hi Leo, this discussion group is more around controller-less setups (such as Aruba Instant deployments) but it looks like you are configuring an Aruba Controller/Gateway. 

In Instant this works with the standard monitoring/logging levels as default. I configured a syslog server and added a basic rule that would result in dynamic denylist of the client if they used DNS. Hopefully the monitoring is similar between controller based and Instant. Unfortunately my lab is not configured to test this simply for you. Your access-list does look correct however.
Original Message:
Sent: Jul 11, 2022 04:55 AM
From: zhipeng ma
Subject: How to send the blacklist log of user-role to syslog server?

dear 
     i want to sent blacklist log of user-role to syslog server，what should I do?
like the example ：
    ip access-list session test
        user any udp 68 deny log blacklist 
is it right to do ?



------------------------------
leo ma
------------------------------

You can review the syslog reference guide here for ArubaOS 8.10: ArubaOS-8.10.0.0-Syslog-Reference-Guide.xlsx

It looks like you'll see this under Security logging level Notice (124008), User Warning (501103), User Notice (522039), User Info (541001).
Original Message:
Sent: Jul 11, 2022 04:55 AM
From: zhipeng ma
Subject: How to send the blacklist log of user-role to syslog server?

dear 
     i want to sent blacklist log of user-role to syslog server，what should I do?
like the example ：
    ip access-list session test
        user any udp 68 deny log blacklist 
is it right to do ?



------------------------------
leo ma
------------------------------

thank you, i am try, this is aos 8 controller,

------------------------------
leo ma
------------------------------

Original Message:
Sent: Jul 11, 2022 07:09 AM
From: Matthew Sutherland
Subject: How to send the blacklist log of user-role to syslog server?

You can review the syslog reference guide here for ArubaOS 8.10: ArubaOS-8.10.0.0-Syslog-Reference-Guide.xlsx

It looks like you'll see this under Security logging level Notice (124008), User Warning (501103), User Notice (522039), User Info (541001).
Original Message:
Sent: Jul 11, 2022 04:55 AM
From: zhipeng ma
Subject: How to send the blacklist log of user-role to syslog server?

dear 
     i want to sent blacklist log of user-role to syslog server，what should I do?
like the example ：
    ip access-list session test
        user any udp 68 deny log blacklist 
is it right to do ?



------------------------------
leo ma
------------------------------