Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
biskit
Advisor

Syslog Question

My customer is using Darktrace (or part of it?) to collate firewall logs and do stuff with the data. 

Part of what they want is to get data on user VPN login data, including the OM IP.  They use Mobile Access.

I've set up Log Exporter to send them the data, but they take each log "line" and process it.  They can't merge multiple log lines with the same loguid into a single log. 

The problem is that not all data is included in each line.  One line shows the "Log In" with the username (presumably the MAB portal login), then when they open the SNX popup to get full network access, that log line shows the OM IP but not the username.  

Is there a way to only send the collated log to the SNMP server?

 

0 Kudos
2 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events