# Copyright (c) 2010 Flowerfire, Inc. All Rights Reserved. aruba_wireless_switch = { plugin_version = "1.2.1" info.1.manfacturer = "Aruba Networks" info.1.device = "Aruba Wireless LAN Switch" info.1.version = "800" # 2007-07-17 - 1.0beta - KBB - Initial creation. # 2007-08-09 - 1.1beta - KBB - Added support for additional line formats. Added sessions. # Grouped reports. Added two new numeric fields. # 2007-09-11 - 1.1 - KBB - Renumbered per new beta policy. # 2008-04-01 - 1.2 - GMF - Added support for a new version # 2008-04-01 - 1.2.1 - GMF - Enhanced autodetection to look further, and recognize DBUG # 2010-11-30 - 1.2.2 - SAA - Added a Log Field of session_event_type so NPW wouldn't throw an "Unknown config group session_event_type" Sawmill Alert # Autodetect a lot of lines, in case the leading ones are KERNEL or other unrecognized lines. log.format.autodetect_lines = 200 # The name of the log format - note: remove number when more versions are supported log.format.format_label = "Aruba 800 Wireless LAN Switch Log Format" log.miscellaneous.log_data_type = "syslog_required" log.miscellaneous.log_format_type = "network_device" # The log is in this format if any of the first ten lines match this regular expression #2007-06-21 13:15:06 Local0.Info 10.102.22.222 Jun 21 16:27:40 2007 [10.102.22.222] cfgm[371]: Current Version is 2.4 # 2008-04-01 - GMF - New format has after IP, e.g.: #2008-03-28 16:12:29 Local7.Notice 12.34.56.78 Mar 28 16:41:53 2008 [98.76.54.32] stm[522]: <501080> |stm| Deauth to sta: 01:23:45:67:89:ab: Ageout AP 12.34.56.78-fe:dc:ba:98:76:54-D607 Denied; Ageout log.format.autodetect_regular_expression = '[A-Z][a-z][a-z] [0-9 ][0-9] [0-9]{2}:[0-9]{2}:[0-9]{2} [0-9]{4} \\[[0-9.]+\\] [a-z]+[^:]*: .* <(INFO|ERRS|NOTI|WARN|DBUG)> ' # All log field parsing will be done using the parsing filters log.format.parse_only_with_filters = "true" # Don't remove reloads from sessions, since all "page" values are the same statistics.miscellaneous.remove_reloads_from_sessions = "false" # Log fields log.fields = { daemon = "" pid = "" log_level = "" operation = "" message = "" debug_query = "" reason = "" sta_ip = "" sta_mac_address = "" # STA = station ap_ip = "" # AP = access point #ap_mac_address = "" switch_ip = "" location_id = "" auth_alg = "" vlan = "" u_encr = "" m_encr = "" ssid = "" bssid = "" essid = "" slotport = "" ingress = "" tunnel = "" user = "" auth = "" reauth = "" role = "" flags = "" etype = "" domain = "" num_users = "" vlan_defined = "" vlan_current = "" vlan_assigned = "" method = "" name = "" port = "" server = "" type = "" update = "" session_event_type = "" } # log.fields log.field_options = { sessions_page_field = "session_event_type" sessions_visitor_id_field = "sta_mac_address" sessions_event_field = "session_events" } # log.field_options # Log Parsing Filters log.parsing_filters.parse = ` #2007-06-21 13:14:59 Local0.Info 10.222.222.222 Jun 21 16:27:33 2007 [10.222.222.222] stm[432]: Clearing state for STA - 00:04:23:a1:2f:2c # Process data common to all lines if (matches_regular_expression(v.syslog_message, '^([A-Z][a-z][a-z]) ([ 0-9][0-9]) ([0-9:]+) ([0-9]{4}) \\\\[([0-9.]+)\\\\] ([a-z]+[^:]*): (.*)')) then ( set_collected_field('', 'date', $2 . "/" . $1 . "/" . $4); set_collected_field('', 'time', $3); v.aruba_device = $5; v.daemon = $6; v.syslog_message = $7; # Extract field. if (matches_regular_expression(v.syslog_message, '^<[0-9]+> (.*)')) then v.syslog_message = $1; # Extract log level if (matches_regular_expression(v.syslog_message, '^<([A-Z]+)> (.*)')) then ( v.log_level = $1; set_collected_field('', 'log_level', v.log_level); v.syslog_message = $2; ); # Discard the "|stm| " field if (matches_regular_expression(v.syslog_message, '^[|][^|]+[|] (.*)')) then ( v.syslog_message = $1; ); if (matches_regular_expression(v.daemon, '^([a-z]+)\\\\[([0-9]+)\\\\]$')) then ( v.daemon = $1; set_collected_field('', 'pid', $2); ); set_collected_field('', 'daemon', v.daemon); set_collected_field('', 'switch_ip', v.aruba_device); v.logging_device = get_collected_field('', 'logging_device'); if (v.logging_device ne '' and v.logging_device ne v.aruba_device) then ( v.aruba_device = v.logging_device . " (" . v.aruba_device . ")"; set_collected_field('', 'logging_device', v.aruba_device); ); #2007-06-21 13:15:37 Local0.Debug 10.101.16.253 Jun 21 16:28:11 2007 [10.101.16.253] master[420]: masDelete_table: DELETE FROM globalTable WHERE mac='00:0c:f1:30:85:29'; if (v.log_level eq "DBUG QUERIES") then ( set_collected_field('', 'debug_query', v.syslog_message); ); #auth success <00:0e:35:c4:79:83> AP 10.102.12.242-00:0b:86:a7:1c:61-1.8.2 #auth req <00:0e:35:c4:79:83> AP 10.102.12.242-00:0b:86:a7:1c:61-1.8.2 auth_alg 0 #if (matches_regular_expression(v.syslog_message, '(auth [^<]+) <([0-9a-fA-F:]+)> AP ([0-9.]+)-([0-9a-fA-F:]+)-([0-9.]+) ?(auth_alg (.*))?')) then ( # can't do this because $7 may persist from above else if (matches_regular_expression(v.syslog_message, '([Aa]uth [^<]+) ? AP ([0-9.]+)-([0-9a-fA-F:]+)-([0-9.]+)(.*)')) then ( set_collected_field('', 'operation', $1); set_collected_field('', 'sta_mac_address', $2); set_collected_field('', 'ap_ip', $3); set_collected_field('', 'bssid', $4); set_collected_field('', 'location_id', $5); v.rest = $6; if (matches_regular_expression(v.rest, ' auth_alg (.*)')) then ( set_collected_field('', 'auth_alg', $1); ); ); # auth req/success #deauth to sta <00:0e:35:67:66:68> Ageout AP 10.222.22.22-00:0b:86:a7:1a:81-1.8.1 handle_sapcp #deauth to sta <00:0e:35:67:66:68> Ageout AP 10.222.22.22-00:0b:86:a7:1a:81-1.8.1 Denied; Ageout else if (matches_regular_expression(v.syslog_message, '^[Dd]eauth to sta:? ?( [^ ]*) AP ([0-9.]+)-([0-9a-fA-F:]+)-([^ ]+) (.*)$')) then ( set_collected_field('', 'operation', 'deauth' . $2); set_collected_field('', 'sta_mac_address', $1); set_collected_field('', 'ap_ip', $3); set_collected_field('', 'bssid', $4); set_collected_field('', 'location_id', $5); set_collected_field('', 'reason', $6); ); # deauth #dot1x state <00:0c:f1:30:85:29> Max Retry attempted for station #dot1x state <00:0c:f1:30:85:29> Exiting the 8021x State Machine, De-authing the station else if (matches_regular_expression(v.syslog_message, '^([^ ]+ state) <([0-9a-zA-Z:]+)> (.*)$')) then ( set_collected_field('', 'operation', $1); set_collected_field('', 'sta_mac_address', $2); set_collected_field('', 'reason', $3); ); # dot1x state #Clearing state for STA - 00:04:23:6e:a5:57 else if (matches_regular_expression(v.syslog_message, '^(Clearing state for STA) - ([0-9a-fA-F:]+)')) then ( set_collected_field('', 'operation', $1); set_collected_field('', 'sta_mac_address', $2); ); # clearing state #Sending STA 00:0e:35:c4:79:83 message to Auth and Mobility Unicast Encr Open Multicast Encr Open VLAN 0x1 #Sending STA 00:15:00:4c:87:76 message to Auth and Mobility Unicast Encr Dynamic WEP Multicast Encr Dynamic WEP VLAN 0x1 else if (matches_regular_expression(v.syslog_message, '^Sending STA ([0-9a-fA-F:]+) message to Auth and Mobility Unicast Encr (.*)$')) then ( set_collected_field('', 'operation', 'Sending Auth and Mobility message'); set_collected_field('', 'sta_mac_address', $1); v.encr = $2; # Because we don't know the possible values for u_encr and m_encr, # this is more efficient than multiple .*s v.uencr_index = index(v.encr, ' Multicast Encr '); if (v.uencr_index != -1) then ( set_collected_field('', 'u_encr', substr(v.encr, 0, v.uencr_index)); v.vlan_index = index(v.encr, ' VLAN '); if (v.vlan_index != -1) then ( set_collected_field('', 'm_encr', substr(v.encr, v.uencr_index + 16, v.vlan_index - (v.uencr_index + 16))); set_collected_field('', 'vlan', substr(v.encr, v.vlan_index + 6)); ); else ( set_collected_field('', 'm_encr', substr(v.encr, v.uencr_index + 16)); ); ); ); # auth/mobility message #FLAGGING AP with BSSID 00:18:f3:9d:3e:7a SSID SMC as an Unsecure AP #FLAGGING AP with BSSID 00:16:e3:f6:9d:42 SSID as an Unsecure AP else if (matches_regular_expression(v.syslog_message, '^FLAGGING AP with BSSID ([0-9a-fA-F:]+) SSID ([^ ]*) ?as an Unsecure AP')) then ( set_collected_field('', 'operation', 'FLAGGING Unsecure AP'); set_collected_field('', 'bssid', $1); #set_collected_field('', 'ap_mac_address', $1); set_collected_field('', 'ssid', $2); ); # flagging unsecure AP # Unfortunately, the related station up event doesn't have user info - todo: treat as one event? #station up <00:0e:35:67:66:68> update station bssid to 00:0b:86:a7:1a:81 (#users 1) #station up <00:0c:f1:30:a5:70 BIRDLY\pelican> update station bssid to 00:0b:86:a7:1a:c0 (#users 1) else if (matches_regular_expression(v.syslog_message, '^station up <([^>]+)> update station bssid to ([0-9a-fA-F:]+) \\\\(\\\\#users ([0-9]+)\\\\)')) then ( set_collected_field('', 'operation', 'station up'); set_collected_field('', 'bssid', $2); set_collected_field('', 'num_users', $3); v.sta = $1; if (matches_regular_expression(v.sta, '([0-9a-fA-F:]+) ([^>]+)')) then ( v.sta = $1; set_collected_field('', 'user', $2); ); set_collected_field('', 'sta_mac_address', v.sta); ); # station up - user info #station auth <00:0e:35:67:08:c6 BIRDLY\finch> auth=802.1x, role=BirdCharmer, vlan def=1, cur=1, assigned=0 else if (matches_regular_expression(v.syslog_message, '^station auth <([0-9a-fA-F:]+) ([^>]+)> auth=([^,]+), role=([^,]+), vlan def=([0-9]+), cur=([0-9]+), assigned=([0-9]+)')) then ( set_collected_field('', 'operation', 'station auth'); set_collected_field('', 'sta_mac_address', $1); set_collected_field('', 'user', $2); set_collected_field('', 'auth', $3); set_collected_field('', 'role', $4); set_collected_field('', 'vlan_defined', $5); set_collected_field('', 'vlan_current', $6); set_collected_field('', 'vlan_assigned', $7); ); # station auth #station up <00:0e:35:67:66:68> bssid 00:0b:86:a7:1a:81, essid TECO-Wireless, vlan 1, ingress 0x1055 (tunnel 21), u_encr 1, m_encr 1, loc 1.8.1 slotport 0x1021 #station down <00:0c:f1:30:85:29> bssid 00:0b:86:a6:92:60, essid TECO-Domain, vlan 1, ingress 0x104d (tunnel 13), u_encr 4, m_encr 4, loc 2.10.3 slotport 0x1021 #else if (matches_regular_expression(v.syslog_message, '(station up|station down) <([0-9a-fA-F:]+)> bssid ([0-9a-fA-F:]+), essid ([^,]+), vlan ([^,]+), ingress ([^ ]+) \\\\(tunnel ([0-9]+)\\\\), u_encr ([0-9]+), m_encr ([0-9]+), loc ([0-9.]+) slotport ([^ ]+)')) then ( else if (matches_regular_expression(v.syslog_message, '^(station up|station down) <([0-9a-fA-F:]+)> bssid ([0-9a-fA-F:]+), essid ([^,]+), vlan ([^,]+), ingress ([^ ]+ \\\\(tunnel ([0-9]+)\\\\)), u_encr ([0-9]+), m_encr ([0-9]+), loc ([0-9.]+) slotport ([^ ]+)')) then ( set_collected_field('', 'operation', $1); set_collected_field('', 'sta_mac_address', $2); set_collected_field('', 'bssid', $3); #set_collected_field('', 'ap_mac_address', $3); set_collected_field('', 'essid', $4); set_collected_field('', 'vlan', $5); set_collected_field('', 'ingress', $6); set_collected_field('', 'tunnel', $7); # should this be separate? or part of ingress? set_collected_field('', 'u_encr', $8); set_collected_field('', 'm_encr', $9); set_collected_field('', 'location_id', $10); set_collected_field('', 'slotport', $11); ); # station up/down #assoc success <00:0e:35:c4:79:83> AP 10.222.222.222-00:0b:86:a7:1c:61-1.8.2 #assoc req <00:15:00:4c:87:76> AP 10.222.22.22-00:0b:86:a6:92:61-2.10.3 else if (matches_regular_expression(v.syslog_message, '^([Aa]ssoc [a-z]+) ? AP ([0-9.]+)-([0-9a-fA-F:]+)-([^ ]+)')) then ( set_collected_field('', 'operation', $1); set_collected_field('', 'sta_mac_address', $2); set_collected_field('', 'ap_ip', $3); set_collected_field('', 'bssid', $4); #set_collected_field('', 'ap_mac_address', $4); set_collected_field('', 'location_id', $5); ); #disassoc from sta <00:14:a5:64:c7:d0> AP 10.222.22.22-00:0b:86:a6:99:d1-2.10.1 Reason STA has left and is disassocisted #disassoc from sta <00:0e:35:c4:79:83> AP 10.222.22.22-00:0b:86:a7:1a:81-1.8.1 Reason Unspecified Failure else if (matches_regular_expression(v.syslog_message, '^[Dd]isassoc from sta:? ? AP ([0-9.]+)-([0-9a-fA-F:]+)-([^ ]+) Reason (.*)$')) then ( set_collected_field('', 'operation', 'disassoc'); set_collected_field('', 'sta_mac_address', $1); set_collected_field('', 'ap_ip', $2); set_collected_field('', 'bssid', $3); set_collected_field('', 'location_id', $4); set_collected_field('', 'reason', $5); ); #tunnel del <00:18:de:36:4a:dd> Reset station role to KitFoxDomain (28) (ingress=4173) else if (matches_regular_expression(v.syslog_message, '^tunnel del <([0-9a-zA-Z:]+)> Reset station role to ([^ ]+) \\\\(([0-9]+)\\\\) \\\\(ingress=([0-9]+)\\\\)$')) then ( set_collected_field('', 'operation', 'tunnel del, station role reset'); set_collected_field('', 'sta_mac_address', $1); set_collected_field('', 'tunnel', $2); # is this the tunnel?? set_collected_field('', 'ingress', $3); ); # tunnel del #User (KITFOX\benlomond:00:15:00:4c:87:76) was Machine authenticated else if (matches_regular_expression(v.syslog_message, '^User \\\\(([^:]+):([0-9a-zA-Z:]+)\\\\) was Machine authenticated$')) then ( set_collected_field('', 'operation', 'Machine authentication'); set_collected_field('', 'user', $1); set_collected_field('', 'sta_mac_address', $2); ); # machine auth #user request successful, role="FoxRole" else if (matches_regular_expression(v.syslog_message, '^(user [^,=<]+), (.*)$')) then ( set_collected_field('', 'operation', $1); collect_listed_fields('', $2, ', ', '=', ''); ); #user idle <00:18:de:dd:db:58 10.222.22.202 KITFOX\sonjaz> role=KitFoxDomain #user idle <00:14:a5:64:c7:d0 10.101.16.90> role=logon #user miss <00:19:d2:8c:02:9f 10.222.222.222> ingress=0x1049 (tunnel 9), vlan=1, flags=0x40, etype=0x800 #user del <00:18:de:dd:db:58 10.222.222.222 KITFOX\sonjaz> user entry deleted; reason=idle timeout else if (matches_regular_expression(v.syslog_message, '^(user [a-z ]+) <([0-9a-fA-F:]+) ([0-9.]+) *([^ ]*)> (.*[^ ]) *$')) then ( v.operation = $1; set_collected_field('', 'operation', v.operation); set_collected_field('', 'sta_mac_address', $2); set_collected_field('', 'sta_ip', $3); set_collected_field('', 'user', $4); collect_listed_fields('', $5, ', ', '=', ''); if (v.operation eq 'user del') then ( set_collected_field('', 'session_event_type', 'logout'); ); v.ingress = get_collected_field('', 'ingress'); if (matches_regular_expression(v.ingress, '([^ ]*) \\\\(tunnel ([0-9]+)\\\\)')) then ( set_collected_field('', 'ingress', $1); set_collected_field('', 'tunnel', $2); ); ); # user miss, etc #TRAIL: 00:09:2d:a7:3d:39 0.0.0.0 MS:10.222.22.22 V:1 L:1.5.1 T:AP B:00:0b:86:a6:3c:81 # Note: MS = MSwitch = Mobility Switch - Aruba internal name else if (matches_regular_expression(v.syslog_message, '^TRAIL: ([0-9a-fA-F:]+) ([0-9.]+) MS:([0-9.]+) V:([0-9]+) L:([0-9.]+) T:([^ ]+) B:([0-9a-fA-F:]+)')) then ( set_collected_field('', 'operation', 'TRAIL'); set_collected_field('', 'sta_mac_address', $1); set_collected_field('', 'sta_ip', $2); set_collected_field('', 'switch_ip', $3); # Probably the same, but just in case... set_collected_field('', 'vlan', $4); set_collected_field('', 'location_id', $5); #set_collected_field('', 'type', $6); set_collected_field('', 'bssid', $7); ); # TRAIL # This must be before login or it will match #inherit <00:0e:35:96:2c:71 10.222.22.22> bssid:00:0b:86:a6:96:d1 essid: KITFOX-ess auth:0 type: role:logon loc:2.10.2 name: port:0x1056 #inherit <00:18:de:dd:db:58 10.222.222.222 KitFox\sonjaz> bssid:00:0b:86:a6:92:60 essid: TECO-Domain auth:1 type:802.1x role:TecoDomain loc:2.10.3 name:KitFox\sonjaz port:0x104d else if (matches_regular_expression(v.syslog_message, '^inherit <([0-9a-zA-Z:]+) ([0-9.]+) ?([^>]*)> bssid: *([0-9a-zA-Z:]*) essid: *([^ ]*) auth: *([^ ]*) type: *([^ ]*) role: *([^ ]*) loc: *([0-9.]*) name: *([^ ]*) port: *([^ ]*)$')) then ( set_collected_field('', 'operation', 'inherit'); set_collected_field('', 'sta_mac_address', $1); set_collected_field('', 'sta_ip', $2); set_collected_field('', 'user', $3); set_collected_field('', 'bssid', $4); set_collected_field('', 'essid', $5); set_collected_field('', 'auth', $6); set_collected_field('', 'type', $7); set_collected_field('', 'role', $8); set_collected_field('', 'location_id', $9); set_collected_field('', 'name', $10); set_collected_field('', 'port', $11); ); # inherit #login <00:0e:9b:4a:c5:65 10.222.22.22 KITFOX\tlawrence> method=802.1x, server=KITFOX-server, role=KitFoxDomain Update(status 1 method 1 role 1), reauth=0 sec #aaa <00:0c:f1:30:a5:70 10.222.22.22 sascha> method=Web, result=Authentication Successful, server=KITFOX-server else if (matches_regular_expression(v.syslog_message, '^([a-z]+) <([0-9a-zA-Z:]+) ([0-9.]+) ([^>]+)> (.*)$')) then ( set_collected_field('', 'operation', $1); set_collected_field('', 'sta_mac_address', $2); set_collected_field('', 'sta_ip', $3); set_collected_field('', 'user', $4); collect_listed_fields('', $5, ', ', '=', ''); #v.reauth = get_collected_field('', 'reauth'); #if (matches_regular_expression(v.reauth, '^([0-9]+) sec$')) then ( # set_collected_field('', 'reauth', $1); #); v.role = get_collected_field('', 'role'); if (matches_regular_expression(v.role, '^(.*) Update\\\\((status [0-9]+ method [0-9]+ role [0-9]+)\\\\)')) then ( set_collected_field('', 'role', $1); set_collected_field('', 'update', $2); ); ); # login #stamgr_handle_ageout: Ageing STA 00:04:23:79:ec:50 else if (matches_regular_expression(v.syslog_message, '^stamgr_handle_ageout: Ageing STA ([[0-9a-zA-Z:]+)$')) then ( set_collected_field('', 'operation', 'Aging STA'); set_collected_field('', 'sta_mac_address', $1); ); #apmgr_handle_ageout: Ageing AP 00:19:a9:55:fb:40 SSWLAN-XY else if (matches_regular_expression(v.syslog_message, '^apmgr_handle_ageout: Ageing AP ([[0-9a-zA-Z:]+) ([^ ]*)$')) then ( set_collected_field('', 'operation', 'Aging AP'); set_collected_field('', 'bssid', $1); set_collected_field('', 'essid', $2); ); #selected server KITFOX-server for method=802.1x; user=KITFOX\sonjaz, essid=KITFOX-ess, domain=KITFOX #selected server KITFOX-server for method=802.1x; user=host/rudy.hello.com.tw, essid=KITFOX-ess, domain=<> else if (matches_regular_expression(v.syslog_message, '^selected server ([^ ]+) for method=([^;]+); (.*)$')) then ( set_collected_field('', 'operation', 'selected server'); set_collected_field('', 'server', $1); set_collected_field('', 'method', $2); collect_listed_fields('', $3, ', ', '=', ''); v.domain = get_collected_field('', 'domain'); if (matches_regular_expression(v.domain, '^<(.*)>$')) then ( set_collected_field('', 'domain', $1); ); ); # selected server # Line formats not supported #setup_sibyte_mcast_group: T 1052 V 1 A 1 #Retrieving Tunnel info for Vlan 1 #Received the MSG_USER_REQUEST for user 00:0e:35:67:08:c6 #Received the MSG_USER_INSERT Message for user=00:15:00:4c:87:76 #Received packet 0x10058a38 from port 8220 #Invalid message 0 from 10.222.22.22:8344, len 44 #Ignoring ICMP reply timeout for unknown user 10.222.22.22 #Dropping Radius response for supplicant 00:15:00:4c:87:76, incorrect state for radius response 1 #Current Version is 2.4 else ( set_collected_field('', 'message', v.syslog_message); ); if (get_collected_field('', 'sta_mac_address') ne '(empty)') then ( set_collected_field('', 'session_events', 1); ); accept_collected_entry('', false); ); ` # Database fields database.fields = { daemon = "" pid = "" log_level = "" operation = "" message = "" debug_query = "" reason = "" sta_ip = "" sta_mac_address = "" # STA = station ap_ip = "" # AP = access point #ap_mac_address = "" # same as bssid switch_ip = "" location_id = "" auth_alg = "" vlan = "" u_encr = "" m_encr = "" ssid = "" bssid = "" essid = "" slotport = "" ingress = "" tunnel = "" user = "" auth = "" reauth = "" role = "" flags = "" etype = "" domain = "" vlan_defined = "" vlan_current = "" vlan_assigned = "" method = "" name = "" port = "" server = "" type = "" update = "" session_event_type = "" } # database.fields # Log Filters log.filters = { mark_entry = { label = '$lang_admin.log_filters.mark_entry_label' comment = '$lang_admin.log_filters.mark_entry_comment' value = 'events = 1;' } # mark_entry } # log.filters database.numerical_fields = { events = { default = true requires_log_field = false entries_field = true } # events session_events = { default = true requires_log_field = false } # session_events maximum_users = { log_field = "num_users" aggregation_method = "max" } # maximum_users unique_sta_mac_addresses = { log_field = "sta_mac_address" type = "unique" } # unique_sta_mac_addresses } # database.numerical_fields create_profile_wizard_options = { # How the reports should be grouped in the report menu report_groups = { date_time_group = "" users_group = { sta_ip = true sta_mac_address = true user = true role = true domain = true update = true name = true } # users_group ap_group = { ap_ip = true location_id = true ssid = true bssid = true essid = true } # ap_group security_group = { auth_alg = true u_encr = true m_encr = true auth = true reauth = true method = true type = true } # security_group vlan_group = { vlan = true vlan_defined = true vlan_current = true vlan_assigned = true } # vlan_group other_group = { switch_ip = true daemon = true pid = true log_level = true operation = true message = true debug_query = true reason = true port = true server = true slotport = true ingress = true tunnel = true flags = true etype = true syslog_priority = true logging_device = true } # other_group } # report_groups final_step = ` include "templates.admin.profiles.setup_reports_util"; string profile = "profiles." . volatile.new_profile_name; string reports = profile . ".statistics.reports"; string summary = profile . ".statistics.reports.single_page_summary.report_elements"; string menu = profile . ".statistics.reports_menu"; # Create the standard reports add_standard_reports(profile); # fields not meaningful with special sessions reporting delete_node(reports . ".entry_pages"); delete_node(summary . ".entry_pages"); delete_node(menu . ".sessions_group.items.entry_pages"); delete_node(reports . ".exit_pages"); delete_node(summary . ".exit_pages"); delete_node(menu . ".sessions_group.items.exit_pages"); delete_node(reports . ".session_pages"); delete_node(summary . ".session_pages"); delete_node(menu . ".sessions_group.items.session_pages"); delete_node(reports . ".session_page_paths"); delete_node(summary . ".session_page_paths"); delete_node(menu . ".sessions_group.items.session_page_paths"); delete_node(reports . ".session_paths"); delete_node(summary . ".session_paths"); delete_node(menu . ".sessions_group.items.session_paths"); delete_node(reports . ".session_event_type"); # always "logout" delete_node(summary . ".session_event_type"); delete_node(menu . ".session_event_type"); ` # end of final_step } # create_profile_wizard_options } # aruba_wireless_switch