ExtremeSwitching (EXOS)

Expand all | Collapse all

How to exclude NAC authentication messages from log

  • 1.  How to exclude NAC authentication messages from log

    Posted 12-27-2017 11:34
    Hi All

    I have used the below command to exclude NAC mac authentication messages from the logs

    configure log filter "DefaultFilter" add exclude events "nl.ClientAuthenticated" match string "Network Login MAC user"

    However messages still appear. Does anyone know if this is correct?



  • 2.  RE: How to exclude NAC authentication messages from log

    Posted 12-28-2017 01:28
    Hi,
    The parameters for the log is like below:



    Therefore, if you want to use match condition with "string" parameter, you should use one of "string" parameters in the log (there are three string parameters in the log, %0%, %1% and %5%).

    For example with your way, I think you can use %0% string (i.e. "MAC") as below:
    configure log filter "DefaultFilter" add exclude events "nl.ClientAuthenticated" match string "MAC"[/code]Otherwise, you can also use other match condition, "mac-address", "ports" or "vlan" instead of "string" parameter.

    Regards,


  • 3.  RE: How to exclude NAC authentication messages from log

    Posted 12-28-2017 14:05
    Thanks for the reply.

    So to clarify, it will not match the string on anything but %0% which is %MAC% ? Am i understanding it correctly?


  • 4.  RE: How to exclude NAC authentication messages from log

    Posted 11-09-2018 02:38
    I've added the following to get rid of all client activites

    configure log filter DefaultFilter add exclude events nl.ClientAuthenticated match string "MAC"
    configure log filter DefaultFilter add exclude events nl.ClientUnauthenticated match string "MAC"
    configure log filter DefaultFilter add exclude events nl.ClientReset match string "MAC"


  • 5.  RE: How to exclude NAC authentication messages from log

    Posted 12-28-2017 14:05
    Yes.
    You were trying to use the string "Network Login MAC user". In the "Network Login MAC user", only "MAC" is the string parameter (%0%) you can use in log filter and others "Network Login user" is not string parameter.
    So that is the reason why your log filter didn't work