Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
391
Views
0
Helpful
1
Replies

ISE: Logging target

jds5
Level 1
Level 1

‎11-03-2022 02:58 AM

Hello,

We have a cluster deployment of 6 ISEs.

We have 4 zones in separate DCs with 1 PSN per zone and one Syslog collector per zone. Traffic between zones is prohibited.

Z1P > 1 PSN / 1 Syslog

Z2P> 1 PSN / 1 PAN Primaire Mnt Secondaire / 1 Syslog

Z1N > 1 PSN / 1 PAN Secondaire Mnt Primaire / 1 Syslog

Z1P > 1 PSN / 1 Syslog

We're looking for a solution so that the ISE logs reach their zone's Syslog collector without sending the flows four times.

Is there a solution to this problem in an ISE version of 2.4 or 2.7?

BR

 

0 Helpful
1 Reply 1

ahollifield
VIP
VIP

‎11-03-2022 06:23 AM - edited ‎11-03-2022 06:36 AM

How does ISE function if "Traffic between zones is prohibited."?  

The logs are sent to all configured logging targets directly from each PSN.  I am not aware of a way to exclude certain log collectors on a per PSN basis.

0 Helpful
Customers Also Viewed These Support Documents