APM - Collecting smartcard session variable

Question

Hello: &nbsp;
successfully deployed SSLVPN solution using smartcard to a government customer. All works great except when the client uses SmartCard the username is not captured in APM session logs. It is only visible when the debug mode is turned on - this create a bloated and unnecessary information. &nbsp;
What are my choices for APM to exclusively capture a particular session variable on successful login and perhaps add it to default session information?&nbsp;
Thanks in advance,&nbsp;

michael_koyfma1 · Answer

Hmm, that's a bit strange.  Can you please check and see which session variables get set/populated during your policy execution?  I don't recall exactly which one is used for username reporting, but it's one of these two:&nbsp;
session.logon.last.logonname
session.logon.last.username&nbsp;
You can check the value of those variables from the CLI by using the sessiondump command(so check what is set under non-debug mode). If you discover that one or the other is NOT set, try assigning the missing value during the VPE execution and see what happens.&nbsp;

lucas_thompson_ · Answer

One of the available items in the VPE is "logging agent" where you can log a session variable of your choice at notice level.&nbsp;

amolari · Answer

you can add an action item "Logging" in the VPE and populate it with the variable.
That will populate it in all case (logon allowed or denied)&nbsp;

Forum Discussion

APM - Collecting smartcard session variable

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

iRules variables in BIG-IP Next: behavior change

postman collection

Collect all partition pool member stats with tmsh

APM variable assign examples

Getting Started with iRules: Variables

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS