The Aruba ClearPass Access Management System provides a window into your network and covers all your access security requirements from a single platform. You get complete views of mobile devices and users and have total control over what they can access. With ClearPass, IT can centrally manage network policies, automatically configure devices and distribute security certificates, admit guest users, assess device health, and even share information with third-party solutions—through a single pane of glass, on any network and without changing the current infrastructure.
Configuring syslog forwarding
- Login to Aruba ClearPass dashboard with Admin Access.
- Navigate to Administration > External Servers > Syslog Targets.
3. Select Add. The Add Syslog target dialog opens.
- Host Address: Enter the server IP address. (Forwarder IP address)
- Description: Enter a short description of syslog server as desired.
- Protocol: Select ‘UDP’.
- Server Port: Enter ‘11591’.
4. Click Save. (Syslog target is now added)
5. Once the configuration is completed, need to validate the logs in chronicle using a regular expression as (".*") this expression or with specific hostname, will provide the log source types which are ingesting to chronicle, below is the screen shot for reference.