Is it possible to send only user authentication messages to an external SYSLOG server?

  • 1
  • Question
  • Updated 2 years ago
Hi everyone,

My firewall is currently setup to allows users to access external applications using AD based policies. When BYOD users logon to the network I would like to have them using the same policies that their desktops are using.

The firewall can do this no problems by running a script from the UID-API to the syslog server that pulls the IP address and username.

I'm wondering if it's possible to have only the user authentication messages sent to my syslog server. The last thing I want to do is have it flooded by all the informational messages being passed from >80 APs 

I've been playing around but no luck so far. Has anyone been able to achieve this? Is it possible?

HiveManger 6.6r3a
Photo of Leon Cassidy

Leon Cassidy

  • 1 Post
  • 0 Reply Likes

Posted 2 years ago

  • 1
Photo of Bradley Teige

Bradley Teige

  • 1 Post
  • 0 Reply Likes
I just opened a ticket for this as it was potentially the easiest method to have our mobile device users be put in the proper URL filter group on our firewall as well.  I was told HIvemanager cannot collect/forward syslog to an external syslog server.  

We will be stuck entering the AP IP addresses into the firewall one by one or possibly using the firewall User-ID agent.