Examples
This page provides some real world scenarios giving you guidance on how to configure the Log Exporter for your scenario.
Example 1: General Authentication Information
Scope and Assumptions
The scope of the query provided below is as follows:
The admin is interested in understanding which users and/or devices are authenticating (successful or unsuccessful) and to built frequency statistics based on that
No VLAN tagging is used
Only certificate-based authentication is used (no username-password-based authentication)
Target
Log Analytics or General Webhook
Message Filter Configuration
Rule Engine
Authorization System
Proxy Authentication
Data Configuration
Example 2: Detailed Authentication Information
Scope and Assumptions
The scope of the query provided below is as follows:
The admin is interested in understanding which users and/or devices are authenticating (successful or unsuccessful)
The OCSP response of the CA if certificates are used
The used Access Point (via MAC address)
The RADIUS Rule that was triggered / VLAN that was tagged
Both, certificate-based authentication and username-password-based authentication are considered
Target
Log Analytics or General Webhook
Message Filter Configuration
Rule Engine
Authorization System
Proxy Authentication
Data Configuration
Example 3: General Error Notifications
Scope and Assumptions
The scope of the query provided below is as follows:
The admin is interested in receiving pro-active notifications about errors on the RADIUSaaS platform for the operations team.
Target
Message Filter Configuration
Rule Engine
Authorization System
Proxy Authentication
Data Configuration
Last updated