04-10-2008 01:37 AM - edited 02-21-2020 03:40 PM
Hello,
I would like to know about any existing procedure to know when a user attempted to login using TACACS+ in the ACS server reports.
In brief, I want to know if there is any feature or option in CiscoSecure ACS to know when a user attempted to login? The administration reports, passed authentication reports are all available but on a daily basis which is very cumbersome to select them and then find for this particular user.
Thanks in advance,
Subhash.
04-16-2008 06:23 AM
The Cisco Secure Access Control Server Release 4.1, hereafter referred to as ACS, produces a variety of logs. You can download many of these logs, or view them in the ACS web interface as HTML reports.
04-16-2008 07:41 AM
configure aaa accounting for exec sessions to tacacs on the devices which are getting authenticated to tacacs, that will populate logs in tacacs accounting and will let you know the user got authenticated to tacacs.
: Rohit
04-16-2008 05:44 PM
ACS reporting is horrid. Your best bet is a 3rd party app called aaa-reports! from extraxi. You 2nd best bet is to write your own app to pull .CSV logs into a database like MS Access and then parse from there. I was headed down the 2nd path before I tried out aaa-reports, and while the reports aren't that fancy, the importing is flawless and the query engine is fantastic. You can run "group by" queries and aggregate on things you never could via the native interface or Excel. I have two ACS appliances so trying to pull logs from both boxes is nearly impossible. (well, possible, but time consuming!). A fully-functionaly, time limited (90 days?) version is available on their site.
The best part is the guys that wrote it used to work in the ACS group at Cisco, and they know their stuff.
Disclaimer: I have no relationship to extraxi; I'm not even a customer yet. But I have been beta-testing a enterprise version of the product and can't really see how I can live without it going forward. Also, AFAIK there are no competing products in this space, either for $$ or free/open-source. If you find anything please let us know.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide