Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
1744
Views
5
Helpful
0
Comments

How to capture the event logs generated by Cisco Clean Access Manager

TCC_2
Level 10
Level 10

‎06-22-2009 04:45 PM - edited ‎03-08-2019 06:19 PM

Resolution

Complete these steps in order to capture the event logs and send those to another server for archiving and investigation:

  1. Log on to the Cisco Clean Access Manager (CAM) as root.

  2. Issue the psql -h 127.0.0.1 controlsmartdb -U postgres command.

  3. Issue the \a command.

  4. Issue the \o  /root/LogInformationTable command.

  5. Choose * from log_info. Make sure you put the semi-colon ; in, otherwise it does not work.

  6. Issue the \q command.

  7. Track the LogInformationTable file in your root directory, which holds all your records from the log_info table from the database. This file is in text format too, delimited by the | character. 

  8. Enable syslog and capture the events on the syslog.

Refer to Clean Access Manager Installation and Administration Guide for more information.

Refer How to configure Clean Access Manager (CAM) to report events to Cisco Secure Monitoring Analysis and Response System (CS-MARS) for more information on how to configure Clean Access Manager in order to report events to Cisco Security Monitoring, Analysis and Response System (CS-MARS).

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents