{"id":11283,"date":"2021-10-06T16:44:39","date_gmt":"2021-10-06T15:44:39","guid":{"rendered":"https:\/\/myworldofit.net\/?p=11283"},"modified":"2021-10-06T16:44:46","modified_gmt":"2021-10-06T15:44:46","slug":"aruba-instant-pan-syslog-parse-profile","status":"publish","type":"post","link":"https:\/\/myworldofit.net\/?p=11283","title":{"rendered":"Aruba Instant &#8211; PAN Syslog Parse Profile"},"content":{"rendered":"<p>A little treat that I hope will help someone at some point, for those with Palo Alto Networks Next Generation Firewalls (NGFW) and Aruba Instant Wi-Fi you can forward syslog messages from the controller to the NGFW and parse them with the profile below to map users to IP addresses.<\/p>\n<p>There is plenty of information on syslog to User-ID at this link for those just getting started: https:\/\/docs.paloaltonetworks.com\/pan-os\/10-1\/pan-os-admin\/monitoring\/use-syslog-for-monitoring\/configure-syslog-monitoring.html.<\/p>\n<p>The text strings you will need are:<\/p>\n<ul>\n<li>User authenticated<\/li>\n<li>username-([a-zA-Z0-9\\_\\.\\@]+)<\/li>\n<li>IP-([A-F0-9a-f:.]+)<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-11284 size-full\" src=\"https:\/\/myworldofit.net\/wp-content\/uploads\/2021\/10\/syslogarubainstant.png\" alt=\"\" width=\"494\" height=\"276\" srcset=\"https:\/\/myworldofit.net\/wp-content\/uploads\/2021\/10\/syslogarubainstant.png 494w, https:\/\/myworldofit.net\/wp-content\/uploads\/2021\/10\/syslogarubainstant-300x168.png 300w\" sizes=\"auto, (max-width: 494px) 100vw, 494px\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A little treat that I hope will help someone at some point, for those with Palo Alto Networks Next Generation Firewalls (NGFW) and Aruba Instant Wi-Fi you can forward syslog messages from the controller to the NGFW and parse them with the profile below to map users to IP addresses. There is plenty of information on syslog to User-ID at&#8230; <a class=\"read-more\" href=\"https:\/\/myworldofit.net\/?p=11283\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"footnotes":""},"categories":[479,20],"tags":[539,497,495,496,423,47],"series":[],"class_list":["post-11283","post","type-post","status-publish","format-standard","hentry","category-networking","category-software","tag-aruba-instant","tag-ngfw","tag-palo-alto-networks","tag-pan","tag-syslog","tag-wi-fi"],"_links":{"self":[{"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/posts\/11283","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/myworldofit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11283"}],"version-history":[{"count":2,"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/posts\/11283\/revisions"}],"predecessor-version":[{"id":11286,"href":"https:\/\/myworldofit.net\/index.php?rest_route=\/wp\/v2\/posts\/11283\/revisions\/11286"}],"wp:attachment":[{"href":"https:\/\/myworldofit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11283"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/myworldofit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11283"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/myworldofit.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11283"},{"taxonomy":"series","embeddable":true,"href":"https:\/\/myworldofit.net\/index.php?rest_route=%2Fwp%2Fv2%2Fseries&post=11283"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}