ā11-01-2017 10:04 AM
Is there a method, or workaround, to limit logging to a regional SIEM for PSNs in that region?
As far as I have read, and understand, logging (and collection filtering) is configured globally, and there is no way to configure ISE logging to only send logging traffic generated from PSNs within a region (e.g. APAC) to log to a local SIEM configured as a Remote Logging Target also within that region. Has anyone come across a solution or workaround, apart from a separate ISE deployment in the region?
I still require logging to MnT nodes and possibly other remote logging targets for other PSNs in the Cube.
Thank-you
Keith
Solved! Go to Solution.
ā11-02-2017 05:22 AM
It is possible to use DNS to resolve to a local target based on PSN's DNS config or intelligent DNS. You could use Anycast so that logging target selected is closest destination based on routing metrics. You can also have a local host entry in PSN to force resolution to a local target.
ā11-01-2017 10:41 PM
Hello,
You cannot configure each PSN to send logs to different logging server today.
But you can raise this request to ise-pm mailer.
Thanks,
Nidhi
ā11-02-2017 05:22 AM
It is possible to use DNS to resolve to a local target based on PSN's DNS config or intelligent DNS. You could use Anycast so that logging target selected is closest destination based on routing metrics. You can also have a local host entry in PSN to force resolution to a local target.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: