Hi John, You are right that WLCs do not log authentication sessions in syslog. Do you have Radius servers to authenticate wireless users? Radius server is the better place to collect authentication logs.
Regards, Dennis Xu, MASc, CCIE #13056 Analyst 3, Network Infrastructure Computing and Communications Services(CCS) University of Guelph 519-824-4120 Ext 56217 d...@uoguelph.ca www.uoguelph.ca/ccs ----- Original Message ----- From: "John York" <yo...@brcc.edu> To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Sent: Thursday, March 3, 2016 11:29:56 AM Subject: [WIRELESS-LAN] WLC 5508 logging authentications Hi We have one 5508 (soon to be a failover pair) and don’t run PI. Our users connect either through 802.1x or an open SSID with a webauth portal from the 5508. I need to be able to log authentications so I can track down users who have annoyed DMCA or our security department. I’m finding that 5508 syslog outputs a huge amount of stuff, but doesn’t include successful authentications. I’ve found some posts that indicate that info is only available through SNMP traps, but I haven’t been able to find the OIDs. Has anyone been able to log auths without using PI? Thanks John ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/ . ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
