cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1989
Views
0
Helpful
6
Replies

ACS 5.2 - Monitoring and Reports - syslog

Pierre Dubois
Beginner
Beginner

Hello,

From the Monitoring and Reporting help, I can read that ACS can act as a syslog server.

You can configure the network access devices (NADs) in your network to send syslog messages to the  Monitoring & Report Viewer. To do this, you must configure the logging port on the NAD to UDP 20514.

How can I read the log messages into ACS ? I don't see anything in the Monitoring and Reporting section. I followed the the guide to enable syslog on a device. It already sends messages to another server as well. So syslog seems to be well configured on the device.

Any clue ?

Thanks,

6 Replies 6

Eduardo Aliaga
Enthusiast
Enthusiast

You must choose the "Network Device > Network Device Log Messages" report. As you can see, only a subset of the syslog messages are supported.

Please rate if it helps. Kind regards

Hello,

Thanks for your tip.

I tried it. But nothing in the reports :

Here is the config on my device :

logging trap warnings

logging origin-id hostname

logging facility local1

logging source-interface Loopback0

logging host_ip

logging host host2_ip transport udp port 20514

Anything wrong ?

Hello. This is my config.

logging buffered 64000

logging monitor informational

epm logging

logging esm config

logging trap debugging

logging origin-id ip

logging host x.x.x.x transport udp port 20514

Hi,

I correctly applied the same config as you previously posted. From the Monitoring and Reports > Network Device > Network Device Log Messages, I still can't see any log entries.

Moreover, I always receive a warning email

Cisco Secure ACS -   Alarm Notification

Severity: Critical


Alarm Name

System Alarm [Collector]

Cause/Trigger

NAD parse failure

Alarm Details

Please see Collector log for   details

Generated On

Tue Apr 10 08:34:36 CEST 2012

How can I configure ACS to not receive this kind of alert ?

Thanks,

Hello,

Anybody has an idea about how to realize that please ?

Thanks,

Hello,

Anybody knows why I can't see any syslog becoming from the devices into the reports ? Is it possible to avoid receiving critical emails each time I receive syslog message on the ACS ?

Thanks,

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers