cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

1403
Views
20
Helpful
15
Replies
Highlighted
Beginner

CiscoSecure ACS v4.2 RADIUS logs upload to FTP server

Hi,

I am using CiscoSecure ACS v4.2 appliance, in there any way that RADIUS logs upload to FTP server because it has limitation to store RADIUS logs.

Please advice.

Thanks,

AS

2 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Cisco Employee

You can only configure remote logging. Cisco Secure ACS Solution Engine appliances configured to use the remote agent send logging data directly to the remote agent logging service, CSLogAgent. CSLogAgent writes the logging data to hard disk in the location specified by the configuration provider. The logs contain the columns specified by the configuration provider.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/LgsRpts.html#wp703058

Jatin Katyal
- Do rate helpful posts -

~Jatin

View solution in original post

Highlighted

Hi AS,

Jatin replied you with a useful answer (+5 Jatin).

TFTP/FTP to transfer logs is not possible. You can either use a remote agent on a machine and configure it to collect the logs form a specified ACS OR you can use a syslog server.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

View solution in original post

15 REPLIES 15
Highlighted
Cisco Employee

You can only configure remote logging. Cisco Secure ACS Solution Engine appliances configured to use the remote agent send logging data directly to the remote agent logging service, CSLogAgent. CSLogAgent writes the logging data to hard disk in the location specified by the configuration provider. The logs contain the columns specified by the configuration provider.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/LgsRpts.html#wp703058

Jatin Katyal
- Do rate helpful posts -

~Jatin

View solution in original post

Highlighted

Hi AS,

Jatin replied you with a useful answer (+5 Jatin).

TFTP/FTP to transfer logs is not possible. You can either use a remote agent on a machine and configure it to collect the logs form a specified ACS OR you can use a syslog server.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

View solution in original post

Highlighted

Thanks Jatin and Amjad,

I have decided to configure syslog server to send logs, do you have any idea about open source syslog server for windows or linux ?

Thanks,

AS

Highlighted

This is the one I use:

http://kiwi-syslog-daemon.en.softonic.com/

More info:

http://www.kiwisyslog.com/downloads.aspx

Hope this helps.

Jatin Katyal


- Do rate helpful posts -

~Jatin
Highlighted

looking for Open Source one.

Highlighted

Hi Almas,

I am sorry I am not aware about any open-source syslog server.

You can search the internet though. Google is your best friend.

Regards,

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"
Highlighted

try this:http://softwaretopic.informer.com/open-source-syslog-server-windows/

Jatin Katyal


- Do rate helpful posts -

~Jatin
Highlighted

HI,

I have configured syslog-ng on Linux. I can see Cisco 2960 switch logs but I am not able to see RADIUS logs.

Is there any configuration example for syslog-ng + Cisco ACS 4.2?

Thanks,

AS

Highlighted

I think this is what you need to do. Radius authentication logs will be appearing in Passed and failed authentication and accounting logs will be in radius accounting.

here you can configure syslog server information and fileds that need be sent.

let me know if you have any questions.

Jatin Katyal


- Do rate helpful posts -

~Jatin
Highlighted

Hi,

Here is the link to configure the syslog server on ACS 4.2 (with screenshots)

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/configuration/guide/syslog.html

Thanks & Regards

Anubhav

Highlighted

HI,

I have already done with ACS side, I want to log it to syslog server which syslog-ng, I dont know how to configure syslog-ng to have RADIUS logs.

Thanks,

AS

Highlighted

Hi,

Please find the link below to configure the syslog-ng for receiving the logs from perticular server:

http://www.logzilla.pro/syslog-ng-configuration

Regards

Anubhav.

Highlighted

Yes, they are there in RADIUS logs account.

Highlighted

Good!... so now on syslog-ng you just can't see Radius logs or it doesn't show up any log entries.

Jatin Katyal


- Do rate helpful posts -

~Jatin
Content for Community-Ad