Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
691
Views
3
Helpful
3
Replies

AAA Report

Go to solution
yusuf.ujjainwala
Level 1
Level 1

‎01-28-2010 03:33 AM - edited ‎03-10-2019 04:54 PM

I have Cisco ACS 4.1.3 , in which I have configured Downloadable ACL for different users. I wanted to know how can I get a report that shows User X has Downloadable ACL "A" , user Y has ACL B and so on.

Regards

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎01-28-2010 06:37 AM

Hi Yousuf,

Please go to ACS--> System config-->Logging->Passed authentication-->Config->Drag DACL to Logged attributes-> Submit.

Click Up or Down to move the column for this attribute to the desired position in the log. Repeat until all the desired attributes are in the desired position in the Logged Attributes column

Regards,

~JG

Do rate helpful posts

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jagdeep Gambhir
Level 10
Level 10

‎01-28-2010 06:37 AM

Hi Yousuf,

Please go to ACS--> System config-->Logging->Passed authentication-->Config->Drag DACL to Logged attributes-> Submit.

Click Up or Down to move the column for this attribute to the desired position in the log. Repeat until all the desired attributes are in the desired position in the Logged Attributes column

Regards,

~JG

Do rate helpful posts

0 Helpful

Go to solution
darpotter
Level 5
Level 5

‎01-28-2010 06:39 AM

AFAIK there is nothing available today that can produce the report you require, however....

With extraxi aaa-reports! we have the ability to import the ACS user/group database to report on many aspects of the database. Right not we dont have a report on Downloadable ACLs, but if you wish to tell us more about your requirement (via our contact page on extraxi.com) its quite possible we could get it added quite quickly.

If the per-group/user values are present aaa-reports! will already see them and its a matter of exposing them in a report or our point and click query builder.

Of course, you can (as the other posted noted) see what ACLs were assigned to sessions via the passed authentications log, but if your requirement is about policy audit you'll need to report on the database. If you have multiple ACS servers we can import all the logs from them for consolidated reporting too!

60 day free trial available from http://www.extrax.com

Best wishes

Darran

0 Helpful

Go to solution
Jatin Katyal
Cisco Employee
Cisco Employee
In response to darpotter

‎01-28-2010 07:09 AM

Yousuf,


You can also refer RDS logs to get detailed information for any user. You would see many attributes in the radius packet along with the DACL being downloaded and applied for a user.


In ACS windows, you can find RDS logs under ACS install directory and In ACS SE you need to generate package.cab file.


HTH

Regards,

JK


Plz rate helpful posts-

~Jatin
Customers Also Viewed These Support Documents