cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

609
Views
0
Helpful
1
Replies
sachin.sg
Beginner

Does Cisco ISE-3315-K9 with ise version: Service Engine: 1.0.4.573 support command accouting like ACS

Hi

Can Anybody can update whether   ISE-3315-K9 with ise version: Service Engine: 1.0.4.573 , supports the command level accounting

Bascially , we have integrated Cisco Switches with Cisco ISE for Device Authentication using Radius , we are able get the authentication logs on to the devices , but for any command changes or update done on Cisco devices we are not able to get the command accounting ..

has succeed in  command level accounting on  Cisco ISE ..

Please update

Cisco ISE doesn't have TACACS feature ...

1 REPLY 1
jw.sl9
Beginner

Command Accounting is a TACACS+ feature so not for ISE....yet.

However, you can do the following to send commands to syslog and not including passwords (hidekeys). I just picked 200 commands/lines to store in the local command buffer/log. increase or decrease as you have memory.  The notify syslog is what sends it via syslog.


conf t
archive

 log config

 logging enable

 logging size 200

 hidekeys

 notify syslog
end
wr mem

Remember, syslog is clear text  :-)  log away from user traffic when possible.  Or use TLS based syslog when possible.

I hope you find this answer useful, if it was satisfactory  for you, please mark the question as Answered.

Please rate post you consider useful.
-James


I hope you find this information useful, if it was satisfactory for you, please mark the question as Answered. Please rate post you consider useful. -James
Content for Community-Ad