|Protocol||Information Discovered||Used For|
|Syslog||User network admission control events||Security and Compliance|
Over 20 events are parsed. See event types in RESOURCES > Event Types and search for "PacketFence-NAC-" in the main content panel Search... field.
Follow PacketFence NAC documentation to send syslog to FortiSIEM.
FortiSIEM automatically recognizes PacketFence NAC syslog as long as it follows the format shown in the sample syslog:
Oct 9 11:29:34 10.2.204.81 1 2018-10-09T11:29:34.04189+01:00 example.com packetfence.log - - - Oct 11 15:42:00 httpd.aaa(4765) WARN: [mac:40:83:1d:12:2a:cb] Calling match with empty/invalid rule class. Defaulting to 'authentication' (pf::authentication::match)