Network Logs
      Back to home
      1. Radiant Help Center
      2. Getting Started
      3. Network Logs

      Ivanti Connect Secure (Pulse Secure VPN)

      Configure Ivanti Connect Secure (formerly known as Pulse Secure VPN) for syslog log forwarding to Radiant Security.

      Overview

      In this guide, you will configure syslog log forwarding for Ivanti Connect Secure (previously known as Pulse Secure VPN).

      You’ll do this by completing the following steps:

      Prerequisites

      • Access to the Ivanti Connect Secure console as an Admin
      • Have a local Radiant Security Syslog Collector deployed. For more information on how to configure this, check out the Deploy a Radiant Security Syslog Collector guide.

      Add the data connector in Radiant Security

      1.   Log in to Radiant Security.
      2.   From the navigation menu, select Settings > Data Connector and click + Add Connector.
      3.   Search for and select the Pulse Secure VPN option and then click Data Feeds. image
      4.   Select the Pulse Secure VPN Syslog data feed and then click Credentials. image(1)
      5.   Under Credential Name, give the credential an identifiable name (e.g. Pulse Secure VPN). If you already have a credential in place, select it from the drop-down menu.
      6.   In the Connector tag field, enter a random value. This value will act as the salt to randomize the unique Token you’ll download in the next step.
      7.   Click Add Connector.      		 image(2)
      8.   Copy and save the Token value by clicking the clipboard option or clicking Download File.
      9.   Click Done to save your changes.

      image(3)

      Install a syslog forwarder

      To send logs from Connect Secure to Radiant Security, a syslog forwarder is required. If you haven’t already set one up, refer to Deploy a Radiant Security Syslog Collector for guidance. When configuring the forwarder, use the Token value that you copied in the previous section, and be sure to save its IP address for use in the next step.

      Configure syslog forwarding on Ivanti Connect Secure

      1. Select System > Log/Monitoring.
      2. Select the Events tab and then click Settings.image(4)
      3. On the Select Events to log Section, check the boxes for Connections Requests, Profiler Events and Reverse Proxy.
      4. In the Syslog servers section, configure the following settings:
        1. In the Server name/IP field, enter the local IP address of your syslog forwarder.
        2. In the Facility list, select LOCAL0
        3. In the Type list, select TCP
        4. In the Filter list, select WELF:WELF
        5. In the Source Interface list, select Global
      5. Click Add.
      6. Click Save Changes.
      7. Repeat steps 5-7 for the User Access and Admin Access tabs.


      We value your opinion. Did you find this article helpful? Share your thoughts by clicking here or reach to our Product and Customer Success teams at support@radiantsecurity.ai 

       

      Last updated: 2025-01-23