07-26-2007 05:14 AM
Part of the LMS 3.0 functionality is to see the integrated AAA server logs, but I don't use remote logging because of its propensity to block and hang. I use 5 AAA servers geographically distributed. I know with 2.5.1 I'd only see one server's logs and only if I were using centralized remote logging on the server I integrated the system with would I see all the log file entries. Does this still hold true?
07-26-2007 02:57 PM
Ahh I guess I'll discover the answer myself, my LMS 3.0 DVDs arrived today :)
07-28-2007 05:15 PM
I'm not sure I understand what you're asking. Are you referring to logging on the ACS? There have been some changes with the way LMS integrates with ACS in 3.0, but nothing that would affect ACS logging. Basically, we now use a single connection to do all of the integration steps. This helps avoid an exhaustion of ACS admin ports.
07-28-2007 06:42 PM
I was referring to the ability to review some of the ACS logs from within LMS. It's kind of a moot point because if you use centralized logging (remote logging to a single AAA server) you run the risk of service blocking that will take down the AAA server if the message is not accepted at the remote end.
07-28-2007 10:26 PM
I know of nowhere in LMS where you can view the ACS logs. LMS has its own audit logs, but those are separate from the accounting logs on ACS. But maybe we're not on the same page. To which specific logs do you refer?
07-29-2007 02:49 PM
Ok, I've taken the time to go dig up the link:
Viewing Audit Logs
Audit Logs track system activities that occur within CiscoWorks Common Services client applications. Each client application determines what specific activities are logged; however, the following types of activities are typically logged by all client applications:
User Login: A log entry is made each time a user logs in to a client application.
User Logout: A log entry is made each time a user logs out of or shuts down a client application.
Activity State Change: A log entry is made for each create, open, close, submit, and undo activity that occurs in a client application.
Authorized Commands: A log entry is made each time a user performs an operation that requires authorization in a client application.
Wizard Completion: A log entry is made each time a wizard is used and finished in a client application.
Activities specific to CiscoWorks Common Services are not logged in Audit Logs. Activities such as backups and restores are logged separately.
Audit Logs are stored as comma-separated value lists (CSVs). If you are using local authentication, the files are stored on the local server. If you are using ACS authentication, the files are stored on the ACS server and you can view them from within both ACS and CiscoWorks Common Services.
Since I use 4 active (master-slave-slave-slave) CiscoSecure ACS servers to authenticate without remote logging, the logs will only be present on 1 (one) of the boxes. For redundancy, capacity, and geographic latency reasons I won't point every one of my 6 CiscoWorks servers to the same AAA server, I will however provide the identical authentication mechanism in a distributed fashion. The functionality described in the link will only be localized and will not reflect a total viewpoint of what's occurring across the network. I'll have to provide that using the AAA reporting suite which automatically gathers all the logs from all the AAA servers. This would be a blind spot for the new Cisco Network Assistant.
07-29-2007 03:17 PM
Ah, okay, these are the audit logs that I referred to previously. I'm not sure why it says these are stored on ACS. Yes, ACS will keep a record of these same activities, but you should be able to find them on the LMS server as well under NMSROOT/MDC/log/audit (even on LMS 2.5 and 2.6).
These same logs are also viewable in the GUI under Common Services > Server > Reports > Audit Log.
07-29-2007 05:14 PM
It's all about accountability for auditing purposes.