Is it possible for me to get the log file off the NAC appliance in regards to the OS detection failure log?
I would like to sift through the unrecognised DHCP fingerprints so I can add them to the detection type.
I can only get the log to show 100 entries but wold like to be able to search the log essentially.
can you also access the predefined fingerprints somewhere?
are fingerprints updated with new release of software?
You can use winSCP to connect to the NAC and pull off the /var/log/tag.log
You can SSH there too and view it through putty.