Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances
591592593594595596597598599600
596 | Administration Dell Networking W-ClearPass Policy Manager 6.6 | User Guide
LEEF Event Format Type > Insight Logs
The following example describes the LEEF event format type for the Insight Logs syslog export filter
template:
Dec 03 2017 16:50:44.085 IST 10.17.4.208 LEEF:1.0|Dell|ClearPass|6.5.0.69058|0-1-
0|Auth.Username=host/Asif-Test-PC2 Auth.Authorization-Sources=null Auth.Login-Status=216
Auth.Request-Timestamp=2017-12-03 16:48:41+05:30 Auth.Protocol=RADIUS Auth.Source=null
Auth.Enforcement-Profiles=[Allow Access Profile] Auth.NAS-Port=null Auth.SSID=cppm-dot1x-test
TimestampFormat=MMM dd yyyy HH:mm:ss.SSS z Auth.NAS-Port-Type=19 Auth.Error-Code=216
Auth.Roles=null Auth.Service=Test Wireless Auth.Host-MAC-Address=6817294b0636
Auth.Unhealthy=null Auth.NAS-IP-Address=10.17.4.7 src=10.17.4.208
Auth.CalledStationId=000B8661CD70 Auth.NAS-Identifier=ClearPassLab3600
CEF Event Format Type > Insight Logs
The following example describes the CEF event format type for the Insight Logs syslog export filter template:
Dec 03 2017 16:31:28.861 IST 10.17.4.208 CEF:0|Dell|ClearPass|6.5.0.69058|0-1-0|Insight
Logs|0|Auth.Username=host/Asif-Test-PC2 Auth.Authorization-Sources=null Auth.Login-Status=216
Auth.Request-Timestamp=2017-12-03 16:28:20+05:30 Auth.Protocol=RADIUS Auth.Source=null
Auth.Enforcement-Profiles=[Allow Access Profile] Auth.NAS-Port=null Auth.SSID=cppm-dot1x-test
TimestampFormat=MMM dd yyyy HH:mm:ss.SSS zzz Auth.NAS-Port-Type=19 Auth.Error-Code=216
Auth.Roles=null Auth.Service=Test Wireless Auth.Host-MAC-Address=6817294b0636
Auth.Unhealthy=null Auth.NAS-IP-Address=10.17.4.7 src=10.17.4.208
Auth.CalledStationId=000B8661CD70 Auth.NAS-Identifier=ClearPassLab3600
CEF Event Format Type > Audit Logs
The following example describes the CEF event format type for the Audit Logs syslog export filter template:
Nov 19 2017 18:22:40.700 IST 10.17.4.221 CEF:0|Dell|ClearPass|6.5.0.68754|13-1-0|Audit
Records|5|cat=Role timeFormat=MMM dd yyyy HH:mm:ss.SSS zzz rt=Nov 19, 2014 18:21:13 IST
src=Test Role 10 act=ADD usrName=admin
LEEF Event Format Type > Audit Logs
The following example describes the LEEF event format type for the Audit Logs syslog export filter template:
Nov 19 2017 14:31:10.422 IST 10.17.4.221 LEEF:1.0|Dell|ClearPass|6.5.0.68754|0-1-0|cat=Syslog
Export Data devTime=Nov 19, 2014 14:30:35 IST action=ADD src=Audit Events - LEEF usrName=admin
devTimeFormat=MMM dd yyyy HH:mm:ss.SSS z
CEF Event Format Type > System Events
The following example describes the CEF event format type for the System Events syslog export filter
template:
Nov 19 2017 17:15:52.348 IST 10.17.4.221 CEF:0|Dell|ClearPass|6.5.0.68754|0-1-0|System
Events|10|cat=WebService Error level=ERROR description=No valid subscription ID\nCheck
Subscription ID, Network Connectivity, http_proxy credentials.\nClick on 'Check Status Now'
after correcting the configuration. timeFormat=MMM dd yyyy HH:mm:ss.SSS zzz rt=Nov 19, 2017
17:15:12 IST src=ClearPass Firmware Update Checker act=None
LEEF Event Format Type > System Events
The following example describes the LEEF event format type for the System Events syslog export filter
template:
Dec 02 2017 20:38:40.901 IST 10.17.4.206 LEEF:1.0|Dell|ClearPass|6.5.0.68878|295-1-0|cat=start
devTime=Dec 02, 2014 20:38:12 IST level=WARN description='Failed to start ClearPass Virtual IP
service' action=Failed src=ClearPass Virtual IP service devTimeFormat=MMM dd yyyy HH:mm:ss.SSS
z