We are sending our ClearPass logs to Splunk, but it appears that most of the fields that are available in the Access Tracker are not being sent via syslog.
Is there a way to have ClearPass send full verbose logs from the Access Tracker? Without most of these fields, the logs are not very helpful.