APM - Collecting smartcard session variable

Question

Hello: &nbsp;
successfully deployed SSLVPN solution using smartcard to a government customer. All works great except when the client uses SmartCard the username is not captured in APM session logs. It is only visible when the debug mode is turned on - this create a bloated and unnecessary information. &nbsp;
What are my choices for APM to exclusively capture a particular session variable on successful login and perhaps add it to default session information?&nbsp;
Thanks in advance,&nbsp;

michael_koyfma1 · Answer

Hmm, that's a bit strange.  Can you please check and see which session variables get set/populated during your policy execution?  I don't recall exactly which one is used for username reporting, but it's one of these two:&nbsp;
session.logon.last.logonname
session.logon.last.username&nbsp;
You can check the value of those variables from the CLI by using the sessiondump command(so check what is set under non-debug mode). If you discover that one or the other is NOT set, try assigning the missing value during the VPE execution and see what happens.&nbsp;

lucas_thompson_ · Answer

One of the available items in the VPE is "logging agent" where you can log a session variable of your choice at notice level.&nbsp;

amolari · Answer

you can add an action item "Logging" in the VPE and populate it with the variable.
That will populate it in all case (logon allowed or denied)&nbsp;

Forum Discussion

APM - Collecting smartcard session variable

3 Replies

Recent Discussions

MAC address not showing up in LLDP packet

F5Access | MacOS Sonoma

Active- Active HA setup

syslog server connection

Cannot see floating MAC address outside of ESXi

Related Content

postman collection

Collect all partition pool member stats with tmsh

APM variable assign examples

iRule variable

Collect all partitions all type wideip and its pools members status with tmsh script