Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Clearpass Client Certificate Information to External Syslog

This thread has been viewed 2 times

  • 1.  Clearpass Client Certificate Information to External Syslog

    Posted Oct 08, 2019 03:10 AM

    Hi,

     

    Is it possible to send any client certificate information especially the expiration date to an external syslog server?

     

    We use SPLUNK to make great Dashboards for different wireless informations. It would be great to show an overview of the currently used certificates and information about their expire dates.

     



  • 2.  RE: Clearpass Client Certificate Information to External Syslog

    MVP EXPERT
    Posted Oct 08, 2019 04:14 AM

    I'm not too sure on syslog, however I've set it up before using snmp traps with an alert configured for 'cppmNodeCertExpiry'.



  • 3.  RE: Clearpass Client Certificate Information to External Syslog

    Posted Oct 09, 2019 03:46 AM

    The Access Tracker shows a lot of certificate informations which is great!

    I will test some log settings. Maybe I get the information.

     

    We don't have implement SNMP in our SPLUNK solution. So, the logging is our only possibilty at the moment.



  • 4.  RE: Clearpass Client Certificate Information to External Syslog

    Posted Oct 09, 2019 07:53 AM

    It's working now! Set the log level from modul RADIUS Server to DEBUG.

    Thats all! Simple.

     

    Thanks



  • 5.  RE: Clearpass Client Certificate Information to External Syslog
    Best Answer

    EMPLOYEE
    Posted Oct 10, 2019 08:00 PM
    You should never run in debug mode during normal operation.