Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1989
Views
0
Helpful
6
Replies

ACS 5.2 - Monitoring and Reports - syslog

Pierre Dubois
Beginner
Beginner

ā€Ž04-04-2012 04:36 AM - edited ā€Ž03-10-2019 06:58 PM

Hello,

From the Monitoring and Reporting help, I can read that ACS can act as a syslog server.

You can configure the network access devices (NADs) in your network to send syslog messages to the  Monitoring & Report Viewer. To do this, you must configure the logging port on the NAD to UDP 20514.

How can I read the log messages into ACS ? I don't see anything in the Monitoring and Reporting section. I followed the the guide to enable syslog on a device. It already sends messages to another server as well. So syslog seems to be well configured on the device.

Any clue ?

Thanks,

Labels:
0 Helpful
6 Replies 6

Eduardo Aliaga
Enthusiast
Enthusiast

ā€Ž04-04-2012 12:41 PM

You must choose the "Network Device > Network Device Log Messages" report. As you can see, only a subset of the syslog messages are supported.

Please rate if it helps. Kind regards

0 Helpful

Pierre Dubois
Beginner
Beginner
In response to Eduardo Aliaga

ā€Ž04-04-2012 11:18 PM

Hello,

Thanks for your tip.

I tried it. But nothing in the reports :

Here is the config on my device :

logging trap warnings

logging origin-id hostname

logging facility local1

logging source-interface Loopback0

logging host_ip

logging host host2_ip transport udp port 20514

Anything wrong ?

0 Helpful

Eduardo Aliaga
Enthusiast
Enthusiast
In response to Pierre Dubois

ā€Ž04-05-2012 09:29 AM

Hello. This is my config.

logging buffered 64000

logging monitor informational

epm logging

logging esm config

logging trap debugging

logging origin-id ip

logging host x.x.x.x transport udp port 20514

0 Helpful

Pierre Dubois
Beginner
Beginner
In response to Eduardo Aliaga

ā€Ž04-09-2012 11:40 PM

Hi,

I correctly applied the same config as you previously posted. From the Monitoring and Reports > Network Device > Network Device Log Messages, I still can't see any log entries.

Moreover, I always receive a warning email

Cisco Secure ACS -   Alarm Notification

Severity: Critical


Alarm Name

System Alarm [Collector]

Cause/Trigger

NAD parse failure

Alarm Details

Please see Collector log for   details

Generated On

Tue Apr 10 08:34:36 CEST 2012

How can I configure ACS to not receive this kind of alert ?

Thanks,

0 Helpful

Pierre Dubois
Beginner
Beginner
In response to Pierre Dubois

ā€Ž04-11-2012 07:29 AM

Hello,

Anybody has an idea about how to realize that please ?

Thanks,

0 Helpful

Pierre Dubois
Beginner
Beginner
In response to Pierre Dubois

ā€Ž04-25-2012 11:24 PM

Hello,

Anybody knows why I can't see any syslog becoming from the devices into the reports ? Is it possible to avoid receiving critical emails each time I receive syslog message on the ACS ?

Thanks,

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents