Recording User in Logs

cancel
Showing results for 
Search instead for 
Did you mean: 

Recording User in Logs

Not applicable

This should be an easy one.  Just looking for confirmation.

The only way to get user information in traffic/url/threat logs is to a) use the PAN User Agent to query AD/WMI or b) setup a caputive portal.  Is this correct?

We have a WPA2 wireless network available for students on campus.  They authenticate via 802.1x to a RADIUS server to access it.  They use personal computers.  If I wanted to get user data here, I'd have to setup a captive portal?

Thanks!

2 REPLIES 2

L4 Transporter

You will need to be using either the Pan-Agent or the TS_agent as applicable. Have your Zone setup to enable User Identification on the zone/zones you will want to monitor this way and then your logs will reflect user based traffic.

Not applicable

Hello

Yes Captive Portal is probably the way forward. The Palo Alto agents (AD/LDAP/TS) require, one-way-or-another, a domain account, and a login event to that account, which I'm guessing they don't have.

All the best,

Will

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!