Skip to main content
Skip table of contents

Syslog - Cisco Clean Access (CCA) Appliance

Prerequisites

Identify the LogRhythm System Monitor Agent that will be used for log collection.

Configure the Cisco NAC Appliance

The Cisco NAC Appliance should be configured to send syslog to the appropriate LogRhythm agent as shown here.

After you configure the device, you must also configure LogRhythm according to the instructions provided on the overview page of this guide. Only Global Admins or Restricted Admins with elevated View and Manage privileges can take this action.

The name of the log message source is Syslog - Cisco Clean Access (CCA) Appliance. In addition, when configuring this log source:

  • For Log Message Processing Mode, select MPE Processing Enabled, Event Forwarding Enabled.
  • For Log Message Processing Engine (MPE) Policy, select LogRhythm Default.
  • On the Flat File Settings tab, enter the following:
    • File Path. <path to log file, including the file name and extension>
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close