https://community.cisco.com/t5/network-security/some-statement-log-are-missing-in-my-acs-log/m-p/2824928#M915149 <P>Is the read only access working for you and you just don't see the attempts in ACS logging?</P> <P>Here is an example of setting Read Only access with Radius</P> <P>https://supportforums.cisco.com/document/114076/bluecoat-packetshaper-and-cisco-acs-v5-x-configurationpdf</P> <P>Also, check under Monitoring &amp; reports &gt; Dashboard &gt; reports &gt; AAA protocol &gt; Radius authentication.</P> <P>let me know if you've any doubts.</P> <P>- Jatin</P> Sat, 16 Jan 2016 20:47:50 GMT Jatin Katyal 2016-01-16T20:47:50Z https://community.cisco.com/t5/network-security/some-statement-log-are-missing-in-my-acs-log/m-p/2824927#M915146 <P>Hi !</P> <P></P> <P>We are using our ACS server 5.6 running patch Level 4 to authenticate users on&nbsp;different telecom equipment &nbsp;with in the Compagny.</P> <P></P> <P>I'm actually trying to configure "read only access" for some users to our BlueCoat Packet Shapper device.&nbsp; The full access works properly actually.</P> <P></P> <P>I had add a new statement in the Policy before the Full access statement.&nbsp;</P> <P></P> <P>Statements are&nbsp;pretty simple the restricted statement said :</P> <P></P> <P>if Identity group is "limited" and "Device Type" is "BlueCoat" Shell Profile is "Permit access" Rule number 8</P> <P>the next statement do not take care of user member group membership &nbsp;but "Device Type" is "BlueCoat" Shell Profile is "Permit Touch" Rule number 9</P> <P></P> <P>When I look at the AAA report I know some of my attemp aren't log (and I'd liked to know why...)</P> <P>I don't know what I can do more to make my first statement match instead of the second</P> <P></P> <P>Anyone may help ?</P> Fri, 21 Feb 2020 13:41:37 GMT https://community.cisco.com/t5/network-security/some-statement-log-are-missing-in-my-acs-log/m-p/2824927#M915146 xine xine 2020-02-21T13:41:37Z https://community.cisco.com/t5/network-security/some-statement-log-are-missing-in-my-acs-log/m-p/2824928#M915149 <P>Is the read only access working for you and you just don't see the attempts in ACS logging?</P> <P>Here is an example of setting Read Only access with Radius</P> <P>https://supportforums.cisco.com/document/114076/bluecoat-packetshaper-and-cisco-acs-v5-x-configurationpdf</P> <P>Also, check under Monitoring &amp; reports &gt; Dashboard &gt; reports &gt; AAA protocol &gt; Radius authentication.</P> <P>let me know if you've any doubts.</P> <P>- Jatin</P> Sat, 16 Jan 2016 20:47:50 GMT https://community.cisco.com/t5/network-security/some-statement-log-are-missing-in-my-acs-log/m-p/2824928#M915149 Jatin Katyal 2016-01-16T20:47:50Z