Reset Search
 

 

Article

Can NAC/ Access Control Forward Client Info to Syslog

« Go Back

Information

 
TitleCan NAC/ Access Control Forward Client Info to Syslog
Objective
  • Can I get end system events sent via syslog to a Palo Alto?
  • Can I get end system events set to syslog server.
Environment
  • Netsight NAC Manager
  • Palo Alto Firewall
Procedure
Under Notifications (bell) in NAC Manager (not same icon in Netsight
 click - go to Manage Notifications.
User-added image

Under Manage Notifications, Use change Default SIEM Server (this assumes you are NOT using SIEM)

User-added image
Change the Loopback IP to a remote device that you want to forward syslog messages to.
User-added image

Here is some sample output from a syslog server.
User-added image


 
Additional notes

These events will come from the Netsight server, not the NAC appliances. So a tcpdump on the Netsight server will verify the functionality is working.

tcpdump -i eth0 port 514 -v
 

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255