cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2133
Views
15
Helpful
7
Replies

log file size on ACS 5.3

kerim mohammed
Level 3
Level 3

                   Hi,

how do i set limit on the log file size in ACS 5.3. I had the same issue with Nexus 1000v but there is a command that enables you to set log file nane and size. it is getting bulky. any advice?

thanks

Kerim

7 Replies 7

Tarik Admani
VIP Alumni
VIP Alumni

Kerim,

You can not set a limit on the log file size, however you can set purging conditions so that a database purge and incremental backups happen more frequently. I assume you mean with ACS 4.x...

Let me know if this document sheds any light.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/viewer_sys_ops.html#wp1068157

thanks,

Tarik Admani
*Please rate helpful posts*

Thanks Tarik! the document was very helpful.

Hi Tarik!

i kind of lost track here. I deleted logs using the "delete logs now" button, i attached the screen shot. i did this again and it gave me pop up messge saying no logs found to be deleted. i run the the show logg command on the logcollecter ACS machine. i see all the out put. screen shot attached. why do i see out put? i deleted it? and why do i see failed and succedded authentication even from yesterday? what did i miss?

Hi,

Here is the explanation of this function:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/admin_config.html#wpxref88023

Here is some information about the file system that this is deleted from:

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.3/user/guide/logging.html#wp1052656

So if the file that you are looking at is active (probably is if you see logs from yesterday and today, it will not be deleted).

Hope this helps,

Tarik Admani
*Please rate helpful posts*

thanks Tarik! that was helpful. let me see if i understan the relation between active log file and the maximum log retention period (lets say 3 days). so every three days log files are generated and stored locally. when i click the "Delete Logs Now" button, it will delete all log files except the one  being used. now how do i do this in a periodic manner as opposed to manually clickeing the "Delete Logs Now" button. i know log files will be deleted if there is shortage of resource on the ACS appliance. if there are no shortages and if i don't delete the log files manually, will they keep on building on the local disk space?if you have remote logcollector, will the non-active log files be deleted automatically after they are logged to the remote collector?

thanks,

Kerim

The space allocated for local logs is set rotate if the logs hit a predefined size limit. You have nothing to worry about. When troubleshooting large enterprise networks I have set debugs logs for weeks without the logs taking the unit down.

I think you are confusing the monitoring db which needs to be maintained by using purging operations.

Thanks

Tarik admani

Hi Tarik!

i guess you are right, i am confusing things. after configuring remote logcollector(which in my case is the Secondary ACS5.3), i stopped recieving warnings saying no purge and incremental backup has been configured. moreover, i don't see any output when i run the command "show logging" on the primary acs. when i do show logging on the secondary, i see logs but it don't include logs from primary acs. But, the monitoring report which is logged on the secondary acs shows every activity on both primary and secondary acs. i just can't make sense out of this. in other words yes, i am confused.