11-19-2020 12:26 AM - edited 07-05-2021 12:48 PM
Hello,
i´m wondering if there is a possibility to generate a report for all probe requests of clients coming from certain access points.
background is the detection of criminal activities. what i need to find is the MAC of all clients which were active at a specific time.
any idea how i could gather this?
br + thx
Solved! Go to Solution.
11-20-2020 02:53 AM
11-20-2020 01:43 AM
The WLC doesn't keep that information for very long, or not at all. It can probably send them to a CMX server. There you could then use it for marketing purposes, but in the end those aren't much different from what you want to achieve.
You are better off with real wireless sniffers though.
The main problem you'll have though, all those clients (mobile phones and now also laptops) have started to use random mac addresses for those packets, which can't be traced back to the real hardware mac address, to thwart this marketing "abuse" and tracking. So this mac address collection is no viable way of tracking the users anymore.
It's different if they are actually connected to your SSID, then they typically keep their mac address. At least Android devices do, Apple started to randomize it every 24 hours since iOS 14 I think.
11-20-2020 02:16 AM
thanks for the feedback, it is great. especialy the point with the random MAC is very important to understand on which level we could provide information.
for the logs: do i see them anywhere: could thy be forwarded via syslog?
11-20-2020 02:53 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide