Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
969
Views
0
Helpful
0
Replies

ACS4.2 CSMon Log

sudheer
Level 1
Level 1

‎03-27-2012 10:58 PM - edited ‎03-09-2019 11:48 PM

Hi,

We are using the ACS4.2 in our network for the device TACACS authentication and for the VPN user authentication. ACS is integrated with AD. Also we have configured the service management (system configuration>Service management) to monitor the logon process. All These settings are there for more than three years now. Few days back we started getting the below log continously (atleast 10 in 1 min) under the ACS service monitoring log and also the ACS sending email alerts;  

''User CSMonTac has attempted to log into 127.0.0.1 from CSMON after the Account Lockout.''   (attached the screenshot)

We checked and couldnt find any account named CSMonTac , then we restarted the ACS and no luck..!

Did anyone faced this issue before..? Pls share if any idea.

Thanks in advance...

Rgds

Sudheer

2 people had this problem
Labels:
Preview file
152 KB
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents