Live Monitoring: Access Tracker

The Access Tracker provides a real-time display of per-session access activity on the selected server or domain. To access this page, navigate to Monitoring > Live Monitoring > Access Tracker.

Figure 1  Access Tracker Page

 

The Access Tracker's columns automatically resize as new columns are added, and can be manually resized as needed so displayed data aligns correctly in the columns. Use the mouse to grab the column separator to the left of the column title, then move the column left or right to change the column width as needed to optimize the Access Tracker display.

Table 1 describes the information provided by default on the Access Tracker page. Data columns not displayed by default can be manually added by editing the Access Tracker page.

Table 1: Access Tracker Page Default Columns

Column

Description

Server Name

Displays the name of the Policy Manager server. The server most recently selected remains highlighted, even if the mouse is moved away and the details window is closed. The highlighting is removed when the page is refreshed, or the filter is reset.

Source

Displays the authentication source for the session. For example, RADIUS or web authentication (WEBAUTH).

Username

Displays the username or MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address of the host.

Service

Displays the name of the service.

Login Status

Displays the status of the request, such as Accept, Reject, or Timeout.

Request Timestamp

Displays the date and time when the request process completed.

Editing the Access Tracker Page

You can modify the columns displayed in this table by clicking the Edit button at the top of the page to display the Access Tracker Edit Window. This page allows you to specify the server, filter, and date range displayed in the Access Tracker.

To add an additional data columns to the access tracker, select any entry in the Available Columns field then click the arrow to add that column to the table. To remove a column, select that entry from the Selected Columns field then click the arrow to move that entry back to the Available Columns field.

Figure 2  Editing the Access Tracker

The following list of available columns are not displayed by default, but can be added to the Access Tracker through the Access Tracker Edit window.

Auth Method

Auth Type

Enforcement Profiles

Error Code

Host MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. Address

Monitor Mode

NAS Network Access Server. NAS provides network access to users, such as a wireless AP, network switch, or dial-in terminal server. IP address

NAS Network Access Server. NAS provides network access to users, such as a wireless AP, network switch, or dial-in terminal server. Name

Request ID

Tips Role

Server IP

 

The Alerts Present column has been removed from the Access Tracker, Data Filter > Rules configuration, and Syslog Export Filter column selectors. However, if a backup is restored that includes Alerts Present in the selected columns for the Syslog Export Filter, the Alerts Present value will still display in syslog messages.

Using the Filter

The Filter field above the table provides a variety of predefined filter options you can use to refine and customize the information on the Access Tracker page. ClearPass supports Access Tracker filtering by RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  input and output attributes, authorization attributes, computed input and output attributes, and posture request and response attributes. The following lists describes the complete set of Access Tracker filtering options.

Request ID

Source

Username

NAS Network Access Server. NAS provides network access to users, such as a wireless AP, network switch, or dial-in terminal server. IP Address (This field supports IP address filtering in both IPv4 and IPv6 formats)

NAS Network Access Server. NAS provides network access to users, such as a wireless AP, network switch, or dial-in terminal server. Name

Service

Login Status

Error Code

Host MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. Address

Alerts

Monitor Mode

Auth Type

Auth Method

Roles

Enforcement Profiles

System Posture Token

Audit Posture Token

Authorization Attributes

Computed Input Attributes

Computed Output Attributes

Posture Request Attributes

Posture Response Attributes

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  Input Attributes

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :IETF

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :Cisco

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :Hewlett-Packard-Enterprise

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :Alcatel-Lucent-Enterprise allows searching for a MAC Media Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. address in any of the known formats:112233AABBCC11:22:33:aa:bb:cc11-22-33-AA-BB-CC1111-2222-33331111.2222.3333

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :Microsoft

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :Aruba

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  Output Attributes

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :IETF

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :Cisco

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :Hewlett-Packard-Enterprise

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :Alcatel-Lucent-Enterprise

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :Microsoft

RADIUS Remote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources. :Aruba

Filtering Access Tracker Information

To filter Access Tracker information:

1. Click the Filter drop down menu and select a filter data type.

2. Click the contains drop down menu and specify contains or equals. To exlude Access Tracker filter results, consider selecting not contains or not equals. This type of negative filtering is only available on the client browser side.

3. Enter the filter text string in the entry field.

4. To filter the contents of the Access Tracker page, click Go.

To add an additional filter, click the + icon and define another filter.

To remove a filter, click the - icon by that filter.

To remove all filters and display all available information in the Access Tracker table, click Clear Filter.