This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
I have a dual appliance set up; with a distributed deployment. I am using my primary box as the log collector and I noticed today that if I point a networking device at my secondary instance for authentications nothing shows up in the logs anyway, despite the authentication being successful.
I was under the impression that any authentication requests to either the primary or secondary instance should be forwarded to the designated log collector and be viewable in the monitoring & reports viewer, is this not the case?
Are these nodes on the same subnet and is there a firewall configured between them? Also are they on the same patch level? Are these virtual machines or appliances?
Thanks guys, managed to get to the bottom of this. The rule updates I had requested were incorrectly implemented on one of the firewalls so the messages were being blocked.
Can you see the secondary up and reachable from the primary? Do configuration changes to the primary reflected successfully on the secondary?
Sent from Cisco Technical Support iPad App
We also have same deployment. one question about this.
we have secondary as collector. what happend if secondary goes down. or we make primary as log collector. what happed to log which were stored in secondary.
Does it replicate from secondary to primary oR we need to copy from one to other ACS
Thanks & Regares
There is an operation where you can perform backups of your monitoring data. Please use this guide as a reference:
*Please rate helpful posts*