Hi,
If you point the user working on primary to secondary, does the same user face the same issue or you are seeing these logs on the secondary but the users work fine? Would need to review the support bundle collected from the secondary. Might need to enable debugs to get more details while you are getting these message. It seems you are getting illegitimate TACACS requests towards secondary ACS.
Regards,
Kanwal
Note: Please mark answers if they are helpful.