[NEBULA] Legal Logs

Bluecom
Bluecom Posts: 2  Freshman Member
First Comment Seventh Anniversary
edited April 2021 in Nebula
Where is it possible to see and export legal logs for the nebula AP for connected clients (for wlan security or captive portal) ?
«1

Comments

  • RUnglaube
    RUnglaube Posts: 135  Ally Member
    5 Answers First Comment Friend Collector Third Anniversary
    Not sure what do you mean with legal logs (?), but I guess is related to logs about clients connecting to the NAP using wlan or captive portal. If this is the case, I have seen the event logs shows mac address information when a device is connecting to a network, and it also shows the email used by the user to login using captive portal and WPA2 enterprise...
    "You will never walk along"
  • Zyxel_Dean
    Zyxel_Dean Posts: 237  Zyxel Employee
    25 Answers First Comment Friend Collector Fourth Anniversary
    Hi @Bluecom , Welcome to our Forum!
    It is possible to see which user has logged in the AP with the eventlogs , this applies with 802.1x and also captive portal login.
    For example you can see it shows an user has logged in with the below example

    However could you tell us more about what do you mean by " legal " logs? I'm pretty sure the logs you can see on NCC are legal and does not show detailed credentials of personal information besides the user account.

    Nebula_Dean
  • Bluecom
    Bluecom Posts: 2  Freshman Member
    First Comment Seventh Anniversary
    What I mean with legal logs (in France) is some information about guest access (mac adress, time and date of the connexion, ip of the distant website and the protocol used). These information need to be kept for 1 year. After a call to the Zyxel support this morning, it appears legal logs, as I want, are not for moment in the nebula solution, but is actually in development.
  • Zyxel_Dean
    Zyxel_Dean Posts: 237  Zyxel Employee
    25 Answers First Comment Friend Collector Fourth Anniversary
    @Bluecom
    The feature your asking should be traffic logs, and yes it is already in the roadmap for security gateways so please stay informed for any updates we may announce in our Forum.
    Other then that we also have an Idea section which you may let the community know if any features you may want to have.
    Cheers!

    Nebula_Dean
  • AITI
    AITI Posts: 7  Freshman Member
    First Comment First Anniversary
    Hello,
    
    do you have any news for keeping the legal logs (in France).
    
    Thanks
  • Zyxel_Dean
    Zyxel_Dean Posts: 237  Zyxel Employee
    25 Answers First Comment Friend Collector Fourth Anniversary
    edited September 2018
    Hello @AITI

    Looking back at this post, I believe legal laws means the GDPR regulation that is enforced in EU countries. I've made some searches and seems France enforced GDPR as the new data protection regulation along with other law acts for cyber security.
    We already have adjustments in Nebula corresponding to GDPR back a few month ago, the data collection and storage are legal to the terms of GDPR, so theres acutally nothing to worry about ;)

    For the traffic logs, on the NSGs you already can storage traffic logs by USB, you can find it in the local GUI of the NSG as the below screenshot shows.


    In the update at the end of this month, we will have a feature to report traffic logs through syslog server, you can refer to the upgrade notification mail sent this Monday. Let's look forward to the new feature and hopefully you and all France customers can benifit from this update  :) .


    Cheers!
  • AITI
    AITI Posts: 7  Freshman Member
    First Comment First Anniversary
    Thanks Nebula_Dean

    the legal laws in France requires to keep only 365 days and not more --> is it possible to keep only 365 days on the usb key?
  • Zyxel_Dean
    Zyxel_Dean Posts: 237  Zyxel Employee
    25 Answers First Comment Friend Collector Fourth Anniversary
    Hi @AITI

    The USB storage will keep logging until it runs out of storage space, it does not make any modifications to the logs, therefore you might have to clear the logs regularly. 

    Additionally, I'm not so sure about France incorporating 365 day of retention plus deletion of the logs as some articles mention about the French law needs to keep the logs for at least one year.

    Is there any links you could share about that information? 


  • AITI
    AITI Posts: 7  Freshman Member
    First Comment First Anniversary
    I asked the information to my commercial ZYXEL France (see file-attached): the obligations are at the level Art 1st / III
  • Zyxel_Dean
    Zyxel_Dean Posts: 237  Zyxel Employee
    25 Answers First Comment Friend Collector Fourth Anniversary
    Hi @AITI
    Thanks for the reference, good to know where the rule came from and the details decribed in it.

    So recapping from my previous reply, for USB storage it does not get auto deleted, you may have to delete them on a regular basis manually.
    Upcoming features this week will include reporting the log to syslog server, in that case you should be able to delete traffic logs more conveniently if your syslog server has the option to clear logs within a selected period.
    In the future we have plans to to keep the logs in the cloud, that way it should be the ideal case of traffic log storage.

Nebula Tips & Tricks