04-25-2013 10:10 PM - edited 03-10-2019 08:21 PM
Hi,
I am using CiscoSecure ACS v4.2 appliance, in there any way that RADIUS logs upload to FTP server because it has limitation to store RADIUS logs.
Please advice.
Thanks,
AS
Solved! Go to Solution.
04-26-2013 12:35 PM
You can only configure remote logging. Cisco Secure ACS Solution Engine appliances configured to use the remote agent send logging data directly to the remote agent logging service, CSLogAgent. CSLogAgent writes the logging data to hard disk in the location specified by the configuration provider. The logs contain the columns specified by the configuration provider.
Jatin Katyal
- Do rate helpful posts -
04-26-2013 10:05 PM
Hi AS,
Jatin replied you with a useful answer (+5 Jatin).
TFTP/FTP to transfer logs is not possible. You can either use a remote agent on a machine and configure it to collect the logs form a specified ACS OR you can use a syslog server.
HTH
Amjad
Rating useful replies is more useful than saying "Thank you"
04-26-2013 12:35 PM
You can only configure remote logging. Cisco Secure ACS Solution Engine appliances configured to use the remote agent send logging data directly to the remote agent logging service, CSLogAgent. CSLogAgent writes the logging data to hard disk in the location specified by the configuration provider. The logs contain the columns specified by the configuration provider.
Jatin Katyal
- Do rate helpful posts -
04-26-2013 10:05 PM
Hi AS,
Jatin replied you with a useful answer (+5 Jatin).
TFTP/FTP to transfer logs is not possible. You can either use a remote agent on a machine and configure it to collect the logs form a specified ACS OR you can use a syslog server.
HTH
Amjad
Rating useful replies is more useful than saying "Thank you"
04-30-2013 01:34 AM
Thanks Jatin and Amjad,
I have decided to configure syslog server to send logs, do you have any idea about open source syslog server for windows or linux ?
Thanks,
AS
04-30-2013 03:17 AM
This is the one I use:
http://kiwi-syslog-daemon.en.softonic.com/
More info:
http://www.kiwisyslog.com/downloads.aspx
Hope this helps.
Jatin Katyal
- Do rate helpful posts -
04-30-2013 05:01 AM
looking for Open Source one.
04-30-2013 10:44 PM
Hi Almas,
I am sorry I am not aware about any open-source syslog server.
You can search the internet though. Google is your best friend.
Regards,
Amjad
Rating useful replies is more useful than saying "Thank you"
05-01-2013 03:22 AM
try this:http://softwaretopic.informer.com/open-source-syslog-server-windows/
Jatin Katyal
- Do rate helpful posts -
05-03-2013 05:35 AM
HI,
I have configured syslog-ng on Linux. I can see Cisco 2960 switch logs but I am not able to see RADIUS logs.
Is there any configuration example for syslog-ng + Cisco ACS 4.2?
Thanks,
AS
05-03-2013 05:45 AM
I think this is what you need to do. Radius authentication logs will be appearing in Passed and failed authentication and accounting logs will be in radius accounting.
here you can configure syslog server information and fileds that need be sent.
let me know if you have any questions.
Jatin Katyal
- Do rate helpful posts -
05-03-2013 05:48 AM
Hi,
Here is the link to configure the syslog server on ACS 4.2 (with screenshots)
Thanks & Regards
Anubhav
05-03-2013 05:56 AM
HI,
I have already done with ACS side, I want to log it to syslog server which syslog-ng, I dont know how to configure syslog-ng to have RADIUS logs.
Thanks,
AS
05-03-2013 06:02 AM
Hi,
Please find the link below to configure the syslog-ng for receiving the logs from perticular server:
http://www.logzilla.pro/syslog-ng-configuration
Regards
Anubhav.
05-05-2013 07:36 AM
Yes, they are there in RADIUS logs account.
05-05-2013 07:39 AM
Good!... so now on syslog-ng you just can't see Radius logs or it doesn't show up any log entries.
Jatin Katyal
- Do rate helpful posts -
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide