https://community.cisco.com/t5/network-access-control/ise-ade-os-system-log-files/m-p/4744549#M578967 <P>I'm not sure. I know you can create RO access for sure, and you can create policy for access to only Troubleshooting section (rest to be hidden).You can find details <A href="https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/admin_guide/b_ise_admin_3_1/b_ISE_admin_31_overview.html" target="_self">here</A>, on how to configure RBAC.</P> <P>I'm not sure if you can combine those two, but you are welcome to try, and to give us a feecback.</P> <P>Kind regards,</P> <P>Milos</P> Fri, 23 Dec 2022 11:53:14 GMT Milos_Jovanovic 2022-12-23T11:53:14Z https://community.cisco.com/t5/network-access-control/ise-ade-os-system-log-files/m-p/4744341#M578959 <P>Hello!</P><P>I need help with copying ISE ADE-OS system log files such as console.log, security and audit.log.</P><P>I can view the list of files using commands <STRONG><EM>sh logging system </EM></STRONG>and I can view the specific file using command <EM><STRONG>sh logging system console.log</STRONG> </EM>for example. But how can I copy these files to remote host? Do I have to copy the content of the files to the <STRONG>disk:</STRONG> directory or there is some other way?</P><P>Thanx in advanced!</P><P>&nbsp;</P> Fri, 23 Dec 2022 04:59:20 GMT https://community.cisco.com/t5/network-access-control/ise-ade-os-system-log-files/m-p/4744341#M578959 extremal.v 2022-12-23T04:59:20Z https://community.cisco.com/t5/network-access-control/ise-ade-os-system-log-files/m-p/4744411#M578962 <P>Hi <a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1345124">@extremal.v</a>,</P> <P>You can download these logs via GUI, if you go to <STRONG>Operations / Troubleshoot / Download Logs / Select ISE appliance / Select required logs</STRONG>.</P> <P>Kind regards,</P> <P>Milos</P> Fri, 23 Dec 2022 07:35:22 GMT https://community.cisco.com/t5/network-access-control/ise-ade-os-system-log-files/m-p/4744411#M578962 Milos_Jovanovic 2022-12-23T07:35:22Z https://community.cisco.com/t5/network-access-control/ise-ade-os-system-log-files/m-p/4744478#M578965 <P>Hi Milos_Jovanovic,</P><P>Thank you for the reply. I believe this is what I wanted! Can you help me with one more thing?</P><P>Is it possible to create a policy for read only access for every tabs except Operations Tab? I need to give a user an access to download logs and reports but the rest of the tabs must be the read only access. So if I create a Menu Access option with Operations Tab - Reports/Troubleshoot - Download Logs and Data Access option with Read Only settings will it work? Or I miss the point of how to create the policy?</P> Fri, 23 Dec 2022 10:04:49 GMT https://community.cisco.com/t5/network-access-control/ise-ade-os-system-log-files/m-p/4744478#M578965 extremal.v 2022-12-23T10:04:49Z https://community.cisco.com/t5/network-access-control/ise-ade-os-system-log-files/m-p/4744549#M578967 <P>I'm not sure. I know you can create RO access for sure, and you can create policy for access to only Troubleshooting section (rest to be hidden).You can find details <A href="https://www.cisco.com/c/en/us/td/docs/security/ise/3-1/admin_guide/b_ise_admin_3_1/b_ISE_admin_31_overview.html" target="_self">here</A>, on how to configure RBAC.</P> <P>I'm not sure if you can combine those two, but you are welcome to try, and to give us a feecback.</P> <P>Kind regards,</P> <P>Milos</P> Fri, 23 Dec 2022 11:53:14 GMT https://community.cisco.com/t5/network-access-control/ise-ade-os-system-log-files/m-p/4744549#M578967 Milos_Jovanovic 2022-12-23T11:53:14Z