Solved: RUCKUS Forums - Syslog and Palo Alto User-ID - Page 2

Wuff · ‎05-12-2026

Hello Community,

I have the following issue/request. I would like to forward an AD user’s Wi‑Fi login information via the syslog server of our VSZ 7.1.1.0872 to a Palo Alto User-ID agent.

Which setting do I need to configure on the VSZ Syslog so that this information is passed to the User-ID?

2026/05/08 08:09:16 206 Client authorization successfully Informational Client [Domain\wolf@10.0.0.62@38:7A:0E:D4:92:9D] of WLAN [HF-LAN] from AP [AP05@70:CA:97:08:50:60] was authorized. 2026/05/08 08:09:16 202 Client joined Informational Client [Domain\wolf@10.0.0.62@38:7A:0E:D4:92:9D] joined WLAN [HF-LAN] from AP [AP05@70:CA:97:08:50:60] on [b/g/n].

I assume I can then extract the details on the Palo Alto User-ID side using a regex. Thank you

sanjay_kumar · ‎05-13-2026

Hi @Wuff,

Try below steps:

Step 1:
Configure External Syslog Server under Services >> AP External Syslog Server >> Then enter the Palo Alto IP address. >> Ensure "All Logs" is selected for "Send Logs" section.

Step 2 :
Go to Access Points >> Select the AP Zone and click on Edit >> Under Syslog >> Toggle "Enable external syslog server for APs" >> Select "AP External Syslog Server Profile" >> Select the Syslog profile you have created.

Again, it is not sure if the Palo Alto can take the Syslog details and extract the User ID details.

You can also try configuring the "Accounting Server" option in the SSID and point to the Palo Alto, which will forward the user accounting details. This should allow Palo Alto to extract the User ID details.

View solution in original post