cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3206
Views
20
Helpful
15
Replies

CiscoSecure ACS v4.2 RADIUS logs upload to FTP server

Almas Saiyed
Level 1
Level 1

Hi,

I am using CiscoSecure ACS v4.2 appliance, in there any way that RADIUS logs upload to FTP server because it has limitation to store RADIUS logs.

Please advice.

Thanks,

AS

2 Accepted Solutions

Accepted Solutions

Jatin Katyal
Cisco Employee
Cisco Employee

You can only configure remote logging. Cisco Secure ACS Solution Engine appliances configured to use the remote agent send logging data directly to the remote agent logging service, CSLogAgent. CSLogAgent writes the logging data to hard disk in the location specified by the configuration provider. The logs contain the columns specified by the configuration provider.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/LgsRpts.html#wp703058

Jatin Katyal
- Do rate helpful posts -

~Jatin

View solution in original post

Amjad Abdullah
VIP Alumni
VIP Alumni

Hi AS,

Jatin replied you with a useful answer (+5 Jatin).

TFTP/FTP to transfer logs is not possible. You can either use a remote agent on a machine and configure it to collect the logs form a specified ACS OR you can use a syslog server.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

View solution in original post

15 Replies 15

Jatin Katyal
Cisco Employee
Cisco Employee

You can only configure remote logging. Cisco Secure ACS Solution Engine appliances configured to use the remote agent send logging data directly to the remote agent logging service, CSLogAgent. CSLogAgent writes the logging data to hard disk in the location specified by the configuration provider. The logs contain the columns specified by the configuration provider.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/user/guide/LgsRpts.html#wp703058

Jatin Katyal
- Do rate helpful posts -

~Jatin

Amjad Abdullah
VIP Alumni
VIP Alumni

Hi AS,

Jatin replied you with a useful answer (+5 Jatin).

TFTP/FTP to transfer logs is not possible. You can either use a remote agent on a machine and configure it to collect the logs form a specified ACS OR you can use a syslog server.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

Thanks Jatin and Amjad,

I have decided to configure syslog server to send logs, do you have any idea about open source syslog server for windows or linux ?

Thanks,

AS

This is the one I use:

http://kiwi-syslog-daemon.en.softonic.com/

More info:

http://www.kiwisyslog.com/downloads.aspx

Hope this helps.

Jatin Katyal


- Do rate helpful posts -

~Jatin

looking for Open Source one.

Hi Almas,

I am sorry I am not aware about any open-source syslog server.

You can search the internet though. Google is your best friend.

Regards,

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"

HI,

I have configured syslog-ng on Linux. I can see Cisco 2960 switch logs but I am not able to see RADIUS logs.

Is there any configuration example for syslog-ng + Cisco ACS 4.2?

Thanks,

AS

I think this is what you need to do. Radius authentication logs will be appearing in Passed and failed authentication and accounting logs will be in radius accounting.

here you can configure syslog server information and fileds that need be sent.

let me know if you have any questions.

Jatin Katyal


- Do rate helpful posts -

~Jatin

Hi,

Here is the link to configure the syslog server on ACS 4.2 (with screenshots)

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_server_for_windows/4.2/configuration/guide/syslog.html

Thanks & Regards

Anubhav

HI,

I have already done with ACS side, I want to log it to syslog server which syslog-ng, I dont know how to configure syslog-ng to have RADIUS logs.

Thanks,

AS

Hi,

Please find the link below to configure the syslog-ng for receiving the logs from perticular server:

http://www.logzilla.pro/syslog-ng-configuration

Regards

Anubhav.

Yes, they are there in RADIUS logs account.

Good!... so now on syslog-ng you just can't see Radius logs or it doesn't show up any log entries.

Jatin Katyal


- Do rate helpful posts -

~Jatin
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: