Extreme Networks

Justsomebodi · ‎12-27-2017

Hi All

I have used the below command to exclude NAC mac authentication messages from the logs

configure log filter "DefaultFilter" add exclude events "nl.ClientAuthenticated" match string "Network Login MAC user"

However messages still appear. Does anyone know if this is correct?

Christopher_Bur · ‎11-09-2018

I've added the following to get rid of all client activites

configure log filter DefaultFilter add exclude events nl.ClientAuthenticated match string "MAC"
configure log filter DefaultFilter add exclude events nl.ClientUnauthenticated match string "MAC"
configure log filter DefaultFilter add exclude events nl.ClientReset match string "MAC"

Justsomebodi · ‎12-28-2017

Thanks for the reply.

So to clarify, it will not match the string on anything but %0% which is %MAC% ? Am i understanding it correctly?

David_Choi · ‎12-28-2017

Yes.
You were trying to use the string "Network Login MAC user". In the "Network Login MAC user", only "MAC" is the string parameter (%0%) you can use in log filter and others "Network Login user" is not string parameter.
So that is the reason why your log filter didn't work

David_Choi · ‎12-28-2017

Hi,
The parameters for the log is like below:

66fe6e721bcc470784abe414d54d1eb9_RackMultipart20171228-47100-1215j4n-20171228_113344_inline.jpg

Therefore, if you want to use match condition with "string" parameter, you should use one of "string" parameters in the log (there are three string parameters in the log, %0%, %1% and %5%).

For example with your way, I think you can use %0% string (i.e. "MAC") as below:
configure log filter "DefaultFilter" add exclude events "nl.ClientAuthenticated" match string "MAC"Otherwise, you can also use other match condition, "mac-address", "ports" or "vlan" instead of "string" parameter.

Regards,

Extreme Networks

How to exclude NAC authentication messages from log

How to exclude NAC authentication messages from log