09-25-2019 01:12 PM - edited 02-21-2020 11:10 AM
Hi,
I have my Prime and APIC controller authentication over TACACS VIA ISE. The issue im having is that every 5 minutes when the poling takes place between Prime and APIC I am seeing it in ISE TACACS Logs. I cant change the pole interval and the sheer number of poles per-day is causing an issues with seeing user logins to the both appliances.
Solved! Go to Solution.
09-25-2019 04:10 PM
In the past it was not possible to suppress TACACS logs, but it appears that an enhancement request has been completed and as of 2.4 p6 (or 2.6) you should be able to do this.
https://quickview.cloudapps.cisco.com/quickview/bug/CSCvb45390
Try to create a log collection filter here, filtering passed authentications for the APIC IP or username.
https://<ISE IP>/admin/#administration/administration_system/administration_system_logging/collection_filters
09-25-2019 04:10 PM
In the past it was not possible to suppress TACACS logs, but it appears that an enhancement request has been completed and as of 2.4 p6 (or 2.6) you should be able to do this.
https://quickview.cloudapps.cisco.com/quickview/bug/CSCvb45390
Try to create a log collection filter here, filtering passed authentications for the APIC IP or username.
https://<ISE IP>/admin/#administration/administration_system/administration_system_logging/collection_filters
09-25-2019 09:20 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide