Security

Hello,

 

is there any way to modify the facility level in ClearPass Policy Manager's syslog configuration?

 

A tcpdump on the syslog server shows that CPPM sends all messages with a facility of local1:

 

12:28:16.185134 IP aruba-cppm.abc.de.37789 > server.abc.de.syslog: SYSLOG local1.debug, length: 96
12:28:19.669750 IP aruba-cppm.abc.de.37789 > server.abc.de.syslog: SYSLOG local1.info, length: 584

 

I haven't found the appropriate switch yet - if there is one to find...

 

Thanks for your help!

 

cheers,

Harald

If you go to (Administration » Server Manager » Log Configuration) you can select the level of information you receive. 

 

How about the ability to change facility (local level)?. ClearPass defaults to facility (local) 1. All of our wireless logs are on local 0 (local 1 is heavily userd for other services).

 

Anyone know how to change syslog facility level?

 

Thanks,

Mike

Mike, did you ever get an answer to this?

In syslog there is local1 - local 7

 

 

In CPPM we give you the option to choose 5 of the levels

 

 

 

I understand that debug/info/warn/error/fatal levels are all available. However, I want to send logs to local5 on our syslog server. Can I modify the facility to which logs are sent?

- Ryan -

Ryan,

As of today we only output syslog at level 1.

Talk with Ted today and we can file a feature request.

• Please help me i want to connect my clear pass (10.3.4.54) to syslog server(10.3.4.61) ,so then any guest if connect in my ssid guest that will notify me in sys log server, so please help me how to do  this,as i am new i this field so i need your help.