https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987357#M585932 <P>Hello,<BR />I'm trying to enable audit logs on my network device and when I configure the following command I get a warning message<BR />1. aaa accounting commands<BR />2. aaa accounting exec<BR />I get a message that says "Hidden command. Use of this command is not recommended/supported will be removed in the future" (message code "PARSER-5-HIDDEN")<BR />What should I use instead?</P><P>Any thoughts?</P> Sat, 30 Dec 2023 17:17:38 GMT acapit 2023-12-30T17:17:38Z https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987357#M585932 <P>Hello,<BR />I'm trying to enable audit logs on my network device and when I configure the following command I get a warning message<BR />1. aaa accounting commands<BR />2. aaa accounting exec<BR />I get a message that says "Hidden command. Use of this command is not recommended/supported will be removed in the future" (message code "PARSER-5-HIDDEN")<BR />What should I use instead?</P><P>Any thoughts?</P> Sat, 30 Dec 2023 17:17:38 GMT https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987357#M585932 acapit 2023-12-30T17:17:38Z https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987383#M585937 <P>Hello <a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1657437">@acapit</a>&nbsp;</P><P>For aaa accounting in cisco devices, the recommended and supported commands are associated with specific accounting methods (e.g., "start-stop," "stop-only") and accounting lists. The exact syntax may vary based on your specific device and IOS version...</P><P>Basic example using "aaa accounting" with the "start-stop" method for command accounting:</P><P><EM>aaa accounting exec default start-stop group tacacs+</EM><BR /><EM>aaa accounting commands 15 default start-stop group tacacs+</EM></P><P>First command, l<SPAN>og the start and stop of EXEC session to the device. When the user logged in and when the user logged out. Total time spent.</SPAN></P><P><SPAN>The second command, log all the commands executed by the user, that are at privilege level 15.</SPAN></P><P>&nbsp;</P> Sat, 30 Dec 2023 19:57:12 GMT https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987383#M585937 M02@rt37 2023-12-30T19:57:12Z https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987384#M585938 <P>Can I see all aaa config&nbsp;</P> <P>MHM</P> Sat, 30 Dec 2023 20:01:37 GMT https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987384#M585938 MHM Cisco World 2023-12-30T20:01:37Z https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987391#M585939 <P>I know that as I said when I configure the following commands I get a warning</P><P>&nbsp;<SPAN>"Hidden command. Use of this command is not recommended/supported will be removed in the future" (message code "PARSER-5-HIDDEN"),&nbsp;</SPAN></P><P><SPAN>Do you have any other solution? </SPAN></P> Sat, 30 Dec 2023 20:36:14 GMT https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987391#M585939 acapit 2023-12-30T20:36:14Z https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987394#M585940 <P>Please share your aaa configuration&nbsp;</P> Sat, 30 Dec 2023 20:40:30 GMT https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987394#M585940 M02@rt37 2023-12-30T20:40:30Z https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987397#M585941 <P><SPAN class="ph synph"><SPAN class="keyword kwd">aaa accounting commands <STRONG>visible-keys&nbsp;</STRONG></SPAN></SPAN></P> <P><SPAN class="ph synph"><SPAN class="keyword kwd">try this&nbsp;</SPAN></SPAN></P> Sat, 30 Dec 2023 20:56:12 GMT https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987397#M585941 MHM Cisco World 2023-12-30T20:56:12Z https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987401#M585942 <P>Sadly I cannot share with you my configuration due to my company policy.</P> Sat, 30 Dec 2023 21:18:43 GMT https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987401#M585942 acapit 2023-12-30T21:18:43Z https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987402#M585943 <DIV class=""><DIV class=""><P>Sadly I cannot share with you my configuration due to my company policy.</P></DIV></DIV> Sat, 30 Dec 2023 21:18:56 GMT https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987402#M585943 acapit 2023-12-30T21:18:56Z https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987404#M585944 <P><SPAN>aaa accounting commands&nbsp;</SPAN><STRONG>visible-keys&nbsp;</STRONG></P> <P><STRONG>Try using this command to see command without mask</STRONG></P> Sat, 30 Dec 2023 21:26:31 GMT https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987404#M585944 MHM Cisco World 2023-12-30T21:26:31Z https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987405#M585945 <P>we see same message when we using Cat 9300 its bug -&nbsp;<STRONG>CSCuc32663</STRONG></P> <P><A href="https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/17-3/configuration_guide/sec/b_173_sec_9300_cg/configuring_authorization.html" target="_blank">https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/17-3/configuration_guide/sec/b_173_sec_9300_cg/configuring_authorization.html</A></P> Sat, 30 Dec 2023 21:34:50 GMT https://community.cisco.com/t5/network-access-control/tacacs-audit-logs-legacy/m-p/4987405#M585945 balaji.bandi 2023-12-30T21:34:50Z