Hackernoon logoRemote Logging Using Syslog: How to Track Client Device Connections by@Papavero

Remote Logging Using Syslog: How to Track Client Device Connections

Nowadays, having a remote syslog feature within the WiFi network system is a must-have for Service Providers. The Tanaza software has the built-in capability of tracking the client device activities on the access points. When enabled, the messages and events stored in the access points can be exported to a remote Syslog server.
Remote Syslog
Tracking client devices’ connections in an Access Point
Some countries lawfully need to store TCP/UDP messages from access points and routers, for reporting purposes. Any given device generates information events in response to changing conditions, for example, like connections. Typically, these events are logged locally in the access points; however, monitoring and storing this data can slow down the device’s capability and, consequently, affect the network.
Thanks to the Syslog feature, network administrators can forward this information to a remote Syslog server. Tanaza is rolling out an enhancement of the Syslog feature in the platform, which allows network administrators to track the client device connections in the access point.
Users can enable the remote Syslog server in the advanced settings of each access point. Alternatively, it can be enabled on all access points within a network, in one click on the Network-wide configuration.
Afterward, every time a user connects or gets associated with an SSID, the MAC address and IP address are automatically registered in the logs.
With this feature the Syslog will show:
  • Date and timestamp (based on the time zone configured on the device)
  • Source local IP address
  • Destination IP address
  • Source and destination ports
  • Source and destination MAC addresses
It is worth mentioning that this feature only allows users to send the log information from an access point to a remote server on the local Intranet or Internet by specifying an IP address. The data travels directly from the access point to the specified remote Syslog server. Tanaza users will rely on such platforms to retrieve any related information.
Read this article to learn how to set up your remote Syslog server on the Tanaza platform.
Syslog information now includes the client device IP address
When Services Providers, by law, need to keep track of IP address activity for every single device connected to a network, it’s predominant to have a feature within the network management system that allows sending this data to a Syslog server.
Tanaza has this capability embedded in the platform. Now network administrators can see, besides the client device’s MAC address and its activity, the IP address assigned to a client device and its activity when it connects to a Syslog-enabled WiFi network.
By enabling this feature, it’s possible to associate:
  • Device MAC address
  • Device local IP address
  • Public IP addresses visited
  • The specific time when it did happen
This enhanced feature allows Tanaza users to cross-link the information with the MAC address of the device that had the same IP address for a specific period.
While this feature is powerful, it involves a higher average load per each access point, as it would have to track every single connection of every client device connected at all times. Hence, users need to take into consideration that when enabling it, and use it wisely.

Visit Tanaza website: www.tanaza.com


The Noonification banner

Subscribe to get your daily round-up of top tech stories!