We have below queries regarding new version of ACS 5.3.
a) Is it possible to view real time logs for AAA clients and for ACS administrator ?
b) Is it possible to track each and every change record for ACS Administrators and sessions in ACS . Ex addition and deletion of commands in command sets. As of now, we are able to see that config has changed by ACS admin but not able to see which commands are changed (Added or Removed)
c) As per user guide of ACS 5.3, we have an option for creating customized reports but unfortunately we are not able to see same option in ACS 5.3 GUI. Need confirmation on the same.
d) Is it possible to do configuration changes for ACS via Command line.
a) Absolutely yes. You have real time logs for authentication only (radius or tacacs). The option is in ACS View. The path is "Monitoring and Reports > Dashboard > Troubleshooting > Live authentications"
b) I did a test and didn't get the detail of the commands
c) You can customize the reports which are already existing in "Dashboard > Reports > Catalog". Let's say you have 2 different ASAs, one in site 1 and one in site 2. For example you can create a report to show only the vpn logins for a particular user against ASA in site 1.
d) There are very few things you can do with ACS via CLI (for example resetting the "acsadmin" or enabling "ACS User changeable password" interface).