cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1108
Views
0
Helpful
8
Replies

140ac syslog format for web filter

CVANWW
Level 1
Level 1

Hi,

 

I am trying to setup a 140ac accesspoint to transmit syslog information to a barracuda web filter. We have radius setup so whenever someone joins the wifi network, they login with their Active Directory credentials, however, the 140ac outputs the wrong syslog format because the web filter cant pick it up. Does anyone know the correct format of a 140ac access point so I can add it to the barracuda for it to pick up. 

 

Thanks

8 Replies 8

Hi

 If this Access Points supports syslog, Cisco does not mention on the Data Sheet.

 

https://www.cisco.com/c/en/us/products/collateral/wireless/business-100-series-access-points/smb-01-bus-140ac-ap-ds-cte-en.html 

SyslogAttachment.PNG

 Attached is the syslog section of the 140ac

 I got it. I found this information but is not what you need.

 

https://www.cisco.com/c/en/us/support/docs/smb/wireless/CB-Wireless-Mesh/2064-Setting-Up-System-Message-Logs-CBW.html 

  

I was wondering if the syslog is for box events only or if users information also logs. Maybe changing logs criticity.  But, a failed to find a doc mentioning logs format.

Maybe you can export the logs to a server and study the syntax and then work with Barracuda guys.

I saw this as well but I think this type of log is only what displays in the outbox in the log tab configuration page. It seems to be more for a readable output and not the actual logs that are sent to the syslog server. The format I would need would look more like and along the same lines as this: 

 

Wed Jun 22 07:00:00 COT 2016,""Wed Jun 22 07:00:00 COT 2016"",""0s"",""ICETEXV2\\apond"",""74:46:A0:A4:7A:E7"","""",""10.1.235.2"",""dot1x"",""PEAP (EAP-MSCHAPv2)"",""ICTX_WIRED >> ICTX-802.1X-WIRED >> Default"",""ICTX_WIRED >> ICTX-WIRED-USER"",""ICTX-PERMIT-ALL"","""","""","""",""Started"","""",""ictxsrvise1"",""0A01041B000064AB70CDEAC8"",""000017A3"",""10.1.4.27"",""GigabitEthernet1/0/30"",""N"",""0"",""0"",""0"",""0"","""",""RADIUS"",""icetex.local"","""",""ICETEX

 

 

This way the webfilter can see that the user is "apond" and has authenticated on 10.1.235.2. This is an example from another cisco access point, not the 140ac

Got it.  This AP model seems to be too simple for that. As I mentioned, Cisco even did not mention on the Data Sheet the syslog support.

would the cisco meraki mr36 have this functionality? If so do you know the format of those syslog logs?

Not much information on the data sheet also. Probably not.

asadkhan091093
Level 1
Level 1

 If this Access Points supports syslog, Cisco does not mention on the Data Sheet.