cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1106
Views
0
Helpful
3
Replies

ACS Not showing Authentication Logs

We are using ACS for our Device Administration (Authentication and Authorization). Basically we are having HO & DR site with dual ACS working as Active/Standby. Currently my HO ACS is serving the customer and as per my configuration my HO ACS is the "Log collector" as well. 

Now I am facing two problems.

 

1- When I am accessing my any device I am able to authenticate but I am unable to find Authentication/Authorization logs in the "Monitoring &

    Reports/ */Tacacs Authentication section.

2- Second problem is with regards to Authorization. Sometimes ACS gives me extra privileges. Like sometimes I become able to enter the

     configuration mode with my read only account.

 

I am using Software: ACS 5.3.0.40.8 with Hardware:1121

Please suggest what can be the possible issue.

Thanks/Regards

3 Replies 3

Kanwaljeet Singh
Cisco Employee
Cisco Employee

Hi Muhammad,

For the second issue we need to fix the first issue:)

Are you getting no logs or just failed authentication logs?

What do you see when you do "show application status acs" on log-collector ? Have you tried restarting the processes? When did it stop working? Do "show disks" and see the utilization. Also, take a show tech and have a look at the disk partitions utilization there. It can be due to certain partitions full as well.

Regards,

Kanwal

Note: Please mark answers if they are helpful.

 

No I am not getting logs. There is no failed log. "show application status acs" shows all services are up and running. "Show disk" showing normal disk utilization with the additional message that all disk partitions are normal.

When I go to "Monitoring and Report/Dashboard" it is giving me one critical alarm "DBPurge is not running for the past two days". I have found one bug "CSCue35765"  which is directly relating to my software version but I am not sure that either it is related to my current issue or not.

Hi Muhammad,

If the opt has sufficient space then this might be a false alarm and you can apply the workaround as mentioned in the DDTS.

Did you try stopping and restarting the processes to see if that resolves the issue? Also, do you care about losing the old logs? If not, then you can do "acsview install-cleandb" and see if that resolves the issue. You need to run this command from acs-config mode.

Regards,

Kanwal

Note: Please mark answers if they are helpful.