Fortinet black logo

External Systems Configuration Guide

PacketFence

PacketFence Network Access Control (NAC)

Integration points

Protocol Information Discovered Used For
Syslog User network admission control events Security and Compliance

Configuring PacketFence NAC

Follow PacketFence NAC documentation to send syslog to FortiSIEM.

Configuring FortiSIEM

FortiSIEM automatically recognizes PacketFence NAC syslog as long it follows the following format as shown in the sample syslog:

Oct 9 11:29:34 10.2.204.81 1 2018-10-09T11:29:34.04189+01:00 example.com packetfence.log - - - Oct 11 15:42:00 httpd.aaa(4765) WARN: [mac:40:83:1d:12:2a:cb] Calling match with empty/invalid rule class. Defaulting to 'authentication' (pf::authentication::match)

Parsing and Events

Over 20 events are parsed – see event Types in Resources > Event Types and search for “PacketFence-NAC-“.

PacketFence Network Access Control (NAC)

Integration points

Protocol Information Discovered Used For
Syslog User network admission control events Security and Compliance

Configuring PacketFence NAC

Follow PacketFence NAC documentation to send syslog to FortiSIEM.

Configuring FortiSIEM

FortiSIEM automatically recognizes PacketFence NAC syslog as long it follows the following format as shown in the sample syslog:

Oct 9 11:29:34 10.2.204.81 1 2018-10-09T11:29:34.04189+01:00 example.com packetfence.log - - - Oct 11 15:42:00 httpd.aaa(4765) WARN: [mac:40:83:1d:12:2a:cb] Calling match with empty/invalid rule class. Defaulting to 'authentication' (pf::authentication::match)

Parsing and Events

Over 20 events are parsed – see event Types in Resources > Event Types and search for “PacketFence-NAC-“.