Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am in the process of testing out TrustSec and have a couple questions.When I bring up a CTS session w/ PAC on an ASA to ISE,it seems that the ASA gets the environment data but only has a list of the IP:SGT tags it is directly responsible for. It ap...
I am setting up ISE to act as my AAA for RADIUS and I am working on some custom banners for attribute: "CVPN3000/ASA/PIX7x-IPSec-Banner1".
I cannot seem to inject a carriage return or new line.
CVPN3000/ASA/PIX7x-IPSec-Banner1 = Message Line #1 \n ...
I am trying to capture the words at the end of this line:
209 9341567 71629995 130 0.47% 0.25% 0.20% 0 Spanning Tree
But no matter what regexp I build, I can only match the first word. This is what is getting the first word:
action ...
I am working on an applet that monitors my route table. I would like to have something like this:
event tag E1 routing network 0.0.0.0/0 le 1 event tag E2 routing network 10.0.0.0/8 ge 16 event tag E3 routing network 10.1.0.0/16 ge 16 event tag E4 ...
I have an EEM script that generates this output based on monitoring my WAN interface load:
%HA_EM-6-LOG: INTERFACE_LOAD: BW: 50000 kbps/sec || TX: 15/255, 1651000 bits/sec, 598 packets/sec || RX: 8/255, 3057000 bits/sec, 627 packets/sec
I would lik...
My issue is...if CTS is up and the environment and associated data can be communicated to a device (ASA in this case) why can't the mappings be sent as well.It just seems like an additional connection point that is a duplication of effort.Also, split...
Ok, so for devices that support CTS, that is a way for the device to send data to ISE with the mappings. In order for the mappings that are external to the NAD, that's where setting up all the inline tagging between all the devices comes in, or a SXP...
Ok understood.
First off, I'd forget the Netflow at the start. Once you have a working environment (which can be a much harder task than it seems), any of the special sauce will be easier after the fact.
So starting with capturing syslog is the best ...
Scott,
I will try to write it out, high level. Keep in mind, I am not collecting Netflow (although it is easily possible). I have a full Riverbed Cascade suite setup for all my routers, switches, and firewalls.
What is it you are looking to accompl...
Also Open source solutions of syslog like Graylog, Ossim, ELK, .. etc are also not dedicated for this purpose.
A little late to the party, by why not have ACS or ISE or whatever you have for your AAA accounting, send it's syslog messages to Logsta...
