Data Filters

This section provides the following information:

About Data Filters

Adding a Data Filter

About Data Filters

The Data Filters page provides a way to limit the number of rows of data shown by defining custom criteria or rules in the following components in Policy Manager:

Live Monitoring: Access Tracker

Syslog Export Filters

Live Monitoring: Analysis and Trending

Live Monitoring: Accounting

Preconfigured Data Filters

Policy Manager is preconfigured with the following data filters:

Table 1: Available Data filters

Data Filter

Description

[Active sessions] Show all Active sessions
[Show all Requests] Show all session log requests
[Application Authentication] Show all Application Authentications
[ClearPass Application Requests] Show all Application session log requests
[ClearPass Configuration Audit] Show all ClearPass Configuration Audit
[ClearPass Guest] Show all ClearPass Guest
[ClearPass System Events] Show all ClearPass System Events
[Endpoints] Show all Endpoints
[Event Requests] Show all Event requests
[Failed Application Authentication] Show all Failed Application Authentication
[Failed Requests] Show all Failed session log requests
[Guest Access Requests] Show all Guest Login requests
[Healthy Requests] Show all Healthy session log requests
[Onboard Certificate] Show all Onboard Certificate
[Onboard Enrollment] Show all Onboard Enrollment
[Onboard OCSP] Show all Onboard OCSP
[Posture Antispyware Summary] Show Posture Antispyware Summary
[Posture Antivirus Summary] Show Posture Antivirus Summary
[Posture DiskEncryption Summary] Show Posture DiskEncryption Summary
[Posture Firewall Summary] Show Posture Firewall Summary
[Posture Summary] Show Posture Summary
[Posture Windows HotFixes Summary] Show Posture Windows HotFixes Summary
[RADIUS Accounting] Show all RADIUS Accounting
[RADIUS Accounting Requests] Show all RADIUS accounting requests
[RADIUS Authentications] Show all RADIUS Authentications
[RADIUS Failed Authentications] Show all RADIUS Failed Authentications
[RADIUS Requests] Show all RADIUS requests
[Successful Requests] Show all Successful session log requests
[TACACS+ Authentication] Show all TACACS+ Authentication
[TACACS+ Failed Authentication] Show all TACACS+ Failed Authentication
[TACACS+ Requests] Show all TACACS+ requests
[Unhealthy Requests] Show all Unhealthy session log requests
[WEBAUTH Authentication] Show all WEBAUTH Authentication
[WEBAUTH Failed Authentications] Show all WEBAUTH Failed Authentications
[Webauth Requests] Show all Webauth Requests

Table 2: Access Tracker Edit Page Parameters

Data Filter

Description

[Show all Requests] Show all session log requests
[Application Authentication] Show all Application Authentications
[ClearPass Application Requests] Show all Application session log requests
[ClearPass Configuration Audit] Show all ClearPass Configuration Audit
[ClearPass Guest] Show all ClearPass Guest
[ClearPass System Events] Show all ClearPass System Events
[Endpoints] Show all Endpoints
[Event Requests] Show all Event requests
[Failed Application Authentication] Show all Failed Application Authentication
[Failed Requests] Show all Failed session log requests
[Guest Access Requests] Show all Guest Login requests
[Healthy Requests] Show all Healthy session log requests
[Onboard Certificate] Show all Onboard Certificate
[Onboard Enrollment] Show all Onboard Enrollment
[Onboard OCSP] Show all Onboard OCSP
[Posture Antispyware Summary] Posture Antispyware Summary
[Posture Antivirus Summary] Posture Antivirus Summary
[Posture DiskEncryption Summary] Posture DiskEncryption Summary
[Posture Firewall Summary] Posture Firewall Summary
[Posture Summary] Posture Summary
[Posture Windows HotFixes Summary] Posture Windows HotFixes Summary
[RADIUS Accounting] Show all RADIUS Accounting
[RADIUS Accounting Requests] Show all RADIUS accounting requests
[RADIUS Authentications] Show all RADIUS Authentications
[RADIUS Failed Authentications] Show all RADIUS Failed Authentications
[RADIUS Requests] Show all RADIUS requests
[Successful Requests] Show all Successful session log requests
[TACACS+ Authentication] Show all TACACS+ Authentication
[TACACS+ Failed Authentication] Show all TACACS+ Failed Authentication
[TACACS+ Requests] Show all TACACS+ requests
[Unhealthy Requests] Show all Unhealthy session log requests
[WEBAUTH Authentication] Show all WEBAUTH Authentication
[WEBAUTH Failed Authentications] All WEBAUTH Failed Authentications
[Webauth Requests] All Webauth Requests

Accessing the Data Filters Page

To access the Data Filters page:

1. Navigate to Monitoring > Data Filters. The Data Filters page opens.

Figure 1  Data Filters Page

For each data filter, the Data Filters table lists the name, description and query type, which can be either Session, Accounting or Insight.

Adding a Data Filter

Users should be aware that the following words and characters are not allowed in custom SQL queries:

--

;

?

*

*

<>

alter

script

drop

insert

delete

create

postgres

appadmin

appuser

password

schema

replace

trim

declare

commit

overlay

update

truncate

reindex

btrim

lpad

rpad

ltrim

rtrim
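
A pre-submission check for the list above, given here as an added example rather than ClearPass code: it scans a custom SQL query and reports each disallowed word or character with its position. The matching rules (case-insensitive, whole identifiers) and the sample table and column names are assumptions.

```python
import re

# Disallowed characters and words copied from the list above.
DISALLOWED_SYMBOLS = ["--", ";", "?", "*", "<>"]
DISALLOWED_WORDS = {
    "alter", "script", "drop", "insert", "delete", "create", "postgres",
    "appadmin", "appuser", "password", "schema", "replace", "trim",
    "declare", "commit", "overlay", "update", "truncate", "reindex",
    "btrim", "lpad", "rpad", "ltrim", "rtrim",
}

# Assumption: words are matched case-insensitively as whole identifiers,
# so "updated_at" is not reported for containing "update". The page does
# not say how Policy Manager itself performs the match.
_WORD_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")


def find_disallowed(query):
    """Return sorted (line, column, item) tuples for each disallowed item."""
    hits = []
    for lineno, line in enumerate(query.splitlines(), start=1):
        for sym in DISALLOWED_SYMBOLS:
            start = line.find(sym)
            while start != -1:
                hits.append((lineno, start + 1, sym))
                start = line.find(sym, start + len(sym))
        for m in _WORD_RE.finditer(line):
            word = m.group().lower()
            if word in DISALLOWED_WORDS:
                hits.append((lineno, m.start() + 1, word))
    return sorted(hits)


# Constructed sample queries; "sessions" and "user_name" are hypothetical.
FLAGGED_SAMPLE = """SELECT * FROM sessions
WHERE user_name <> 'guest'; -- all non-guest rows"""
CLEAN_SAMPLE = "SELECT id, user_name FROM sessions WHERE user_name != 'guest'"
```

An empty result means only that the query avoids the listed items under these matching assumptions.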

To add a data filter:

1. Click the Add link.

The Add Data Filters page opens to the Filter tab.

Figure 2 shows the Filter dialog when you choose Select Attributes (the default setting).

Figure 2  Add Data Filter > Filter Tab > Select Attributes

 

Figure 3 shows the Filter dialog when you choose Specify Custom SQL.

Figure 3  Add Data Filter > Filter Tab > Specify Custom SQL

2. Specify the Add Data Filters parameters as described in the following table.

Add Data Filters Page > Filter Tab Parameters

Parameter

Action/Description

Name

Enter a name for the data filter.

Description

Optionally, enter a description of this data filter (recommended).

Configuration Type

Choose one of the following configuration types:

Select Attributes

Specify Custom SQL

Select Attributes

This option is selected by default. When you specify Select Attributes, the Rules tab appears.

Use the Rules tab to configure rules for this filter.

Specify Custom SQL

When you choose Specify Custom SQL, a default SQL template is displayed.

In the text entry field, enter the attributes for the type, attribute name, and attribute value.

NOTE: Aruba does not recommend that you enable this option without first consulting Support (navigate to Administration > Support > Contact Support).

Rules Tab

The Rules tab displays when you choose the Select Attributes configuration type on the Filter dialog.

Figure 4  Add Data Filter > Rules Dialog

The following table describes the Add Filter > Rules tab parameters:

Add Filter > Rules Tab

Parameter

Action/Description

Rule Evaluation Algorithm

Select ANY match: performs a logical OR operation of all the rules.

Select ALL matches: performs a logical AND operation of all the rules.

Add Rule

Add a rule to the filter.

Move Up/Down

Change the order of the existing rules by clicking Up or Down.

Edit Rule

Edit an existing rule.

Remove Rule

When you select an existing rule and click Remove Rule, the selected Rule is deleted immediately (no confirmation prompt appears).

When you click Add Rule or Edit Rule, the Dashboard Filter Rules Editor dialog opens.

Figure 5  Dashboard Filters > Rules Editor

The following table describes the Dashboard Filters > Rules Editor parameters:

Dashboard Filters > Rules Editor Configuration Parameters

Parameter

Action/Description

Matches

Specify the match conditions:

ANY matches any one of the configured conditions.

ALL matches all of the configured conditions.

Type

Select the type of data filter.

Common: Attributes common to RADIUS, TACACS+, and WebAuth requests and responses.

RADIUS: Attributes associated with RADIUS authentication, accounting requests, and responses.

TACACS+: Attributes associated with TACACS+ authentication, accounting, policy requests, and responses.

Web Authentication Policy: Policy Manager policy objects assigned after the evaluation of policies associated with Web Authentication requests. For example, Auth Method, Auth Source, and Enforcement Profiles.

Name

Select the name of the attribute from the Name drop-down list.

The Name list varies according to which Type you selected.

Operator

Select any subset of string data type operators from the following list:

EQUALS

NOT_EQUALS

LESS_THAN

LESS_THAN_OR_EQUALS

GREATER_THAN

GREATER_THAN_OR_EQUALS

CONTAINS

NOT_CONTAINS

EXISTS

NOT_EXISTS

Value

The value of the attribute.
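
The two levels of matching described above (Matches within a rule, Rule Evaluation Algorithm across rules) can be modelled as follows. This is an added example, not Policy Manager code: the attribute names, the sample records, string comparison of values, and the treatment of missing attributes are all assumptions.

```python
# Operators from the Rules Editor list. Assumptions: values compare as
# strings, and a missing attribute satisfies only NOT_EXISTS.
OPERATORS = {
    "EQUALS": lambda a, v: a == v,
    "NOT_EQUALS": lambda a, v: a != v,
    "LESS_THAN": lambda a, v: a < v,
    "LESS_THAN_OR_EQUALS": lambda a, v: a <= v,
    "GREATER_THAN": lambda a, v: a > v,
    "GREATER_THAN_OR_EQUALS": lambda a, v: a >= v,
    "CONTAINS": lambda a, v: v in a,
    "NOT_CONTAINS": lambda a, v: v not in a,
}
COMBINE = {"ANY": any, "ALL": all}  # logical OR / logical AND


def condition_holds(record, cond):
    """cond is (Type, Name, Operator, Value), as in the Rules Editor."""
    attr_type, name, operator, value = cond
    actual = record.get(f"{attr_type}:{name}")
    if operator in ("EXISTS", "NOT_EXISTS"):
        return (actual is not None) == (operator == "EXISTS")
    return actual is not None and OPERATORS[operator](actual, value)


def rule_holds(record, rule):
    # "Matches" combines the conditions inside one rule.
    return COMBINE[rule["matches"]](
        condition_holds(record, c) for c in rule["conditions"])


def matching_ids(records, algorithm, rules):
    # "Rule Evaluation Algorithm" combines the rules of the filter.
    return [r["id"] for r in records
            if COMBINE[algorithm](rule_holds(r, rule) for rule in rules)]


# Constructed records and rules; attribute names are hypothetical.
RECORDS = [
    {"id": 1, "Common:Username": "alice", "RADIUS:NAS-IP-Address": "10.0.0.5"},
    {"id": 2, "Common:Username": "guest-17", "RADIUS:NAS-IP-Address": "10.0.0.9",
     "Common:Error-Code": "216"},
    {"id": 3, "Common:Username": "bob", "Common:Error-Code": "204"},
]
RULES = [
    {"matches": "ALL", "conditions": [
        ("Common", "Username", "CONTAINS", "guest"),
        ("Common", "Error-Code", "EXISTS", None)]},
    {"matches": "ANY", "conditions": [
        ("RADIUS", "NAS-IP-Address", "EQUALS", "10.0.0.9"),
        ("RADIUS", "NAS-IP-Address", "NOT_EXISTS", None)]},
]
```

With these samples, `matching_ids(RECORDS, "ANY", RULES)` keeps records 2 and 3, while `"ALL"` keeps only record 2.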