Showing results for 
Search instead for 
Did you mean: 

Cisco Secure ACS server is unable to register TACACS+ admin logs


Core issue

This issue occurs due the presence of Cisco bug ID CSCsg97429.

In this issue, TACACS+ Command Accounting does not work in ACS 4.1(1) Build 23. After you enter the commands on the NAS, no accounting records are seen in the TACACS+ Administration log file. Debugs on the NAS show the records as sent, and they do arrive at the ACS server, but the appropriate log file is not updated.

With ACS logging set to Full, under System Configuration > Service Control, the log file of the CSLog service shows these entries each time a command is entered on the NAS:

12/06/2006 14:22:52 U 5111 2608 Handling message at 0x010A7FF8 (339 bytes)
12/06/2006 14:22:52 A 0000 0960 Logger CSV TACACS+ Accounting: filter denies logging


In order to resolve this issue, download and install the ACS accumulative patch at Cisco Downloads.

Complete these steps in order to install the patch on ACS appliance"

  1. Stop CSAgent from CLI.

  2. Reboot the appliance.

  3. Issue the download command plus the IP address of the machine from the bat file that you run from the CLI of appliance, for example the download command.

  4. You should be asked to proceed, and choose Yes.

  5. Then issue the upgrade command .

  6. Once the upgrade is successfull,start CSAgent.

In order to install the patch on distribution server, complete these steps:

  1. Extract the

  2. Run autorun.bat.

Refer to the About Appliance Upgrades and Patches section of System Configuration: Basic for more information.

Recognize Your Peers
Content for Community-Ad