cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1648
Views
20
Helpful
15
Replies
Almas Saiyed
Beginner

CiscoSecure ACS v4.2 RADIUS logs upload to FTP server

Hi,

I am using CiscoSecure ACS v4.2 appliance, in there any way that RADIUS logs upload to FTP server because it has limitation to store RADIUS logs.

Please advice.

Thanks,

AS

2 ACCEPTED SOLUTIONS

Accepted Solutions
Jatin Katyal
Cisco Employee

You can only configure remote logging. Cisco Secure ACS Solution Engine appliances configured to use the remote agent send logging data directly to the remote agent logging service, CSLogAgent. CSLogAgent writes the logging data to hard disk in the location specified by the configuration provider. The logs contain the columns specified by the configuration provider.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/LgsRpts.html#wp703058

Jatin Katyal
- Do rate helpful posts -

~Jatin

View solution in original post

Amjad Abdullah
Engager

Hi AS,

Jatin replied you with a useful answer (+5 Jatin).

TFTP/FTP to transfer logs is not possible. You can either use a remote agent on a machine and configure it to collect the logs form a specified ACS OR you can use a syslog server.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

View solution in original post

15 REPLIES 15
Jatin Katyal
Cisco Employee

You can only configure remote logging. Cisco Secure ACS Solution Engine appliances configured to use the remote agent send logging data directly to the remote agent logging service, CSLogAgent. CSLogAgent writes the logging data to hard disk in the location specified by the configuration provider. The logs contain the columns specified by the configuration provider.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/LgsRpts.html#wp703058

Jatin Katyal
- Do rate helpful posts -

~Jatin

View solution in original post

Amjad Abdullah
Engager

Hi AS,

Jatin replied you with a useful answer (+5 Jatin).

TFTP/FTP to transfer logs is not possible. You can either use a remote agent on a machine and configure it to collect the logs form a specified ACS OR you can use a syslog server.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

View solution in original post

Thanks Jatin and Amjad,

I have decided to configure syslog server to send logs, do you have any idea about open source syslog server for windows or linux ?

Thanks,

AS

This is the one I use:

http://kiwi-syslog-daemon.en.softonic.com/

More info:

http://www.kiwisyslog.com/downloads.aspx

Hope this helps.

Jatin Katyal


- Do rate helpful posts -

~Jatin

looking for Open Source one.

Hi Almas,

I am sorry I am not aware about any open-source syslog server.

You can search the internet though. Google is your best friend.

Regards,

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

try this:http://softwaretopic.informer.com/open-source-syslog-server-windows/

Jatin Katyal


- Do rate helpful posts -

~Jatin

HI,

I have configured syslog-ng on Linux. I can see Cisco 2960 switch logs but I am not able to see RADIUS logs.

Is there any configuration example for syslog-ng + Cisco ACS 4.2?

Thanks,

AS

I think this is what you need to do. Radius authentication logs will be appearing in Passed and failed authentication and accounting logs will be in radius accounting.

here you can configure syslog server information and fileds that need be sent.

let me know if you have any questions.

Jatin Katyal


- Do rate helpful posts -

~Jatin

Hi,

Here is the link to configure the syslog server on ACS 4.2 (with screenshots)

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/configuration/guide/syslog.html

Thanks & Regards

Anubhav

HI,

I have already done with ACS side, I want to log it to syslog server which syslog-ng, I dont know how to configure syslog-ng to have RADIUS logs.

Thanks,

AS

Hi,

Please find the link below to configure the syslog-ng for receiving the logs from perticular server:

http://www.logzilla.pro/syslog-ng-configuration

Regards

Anubhav.

Yes, they are there in RADIUS logs account.

Good!... so now on syslog-ng you just can't see Radius logs or it doesn't show up any log entries.

Jatin Katyal


- Do rate helpful posts -

~Jatin
Content for Community-Ad