I'm trying to get MARS 4.3 and my Cisco ACS 4.2 server working together to display NAC events on MARS. I've added the server which runs CSACS under Security/Monitor Devices, added the reporting application of Cisco Secure ACS 3.x (does this matter that there is no option for 4.x, should this still work?) and have installed the PNLogAgent on the CSACS server and configured it to forward logs to MARS. The problem is that I have users who are being quarantined by NAC and the CSACS server shows these in the logs, yet I dont see any event on the MARS server to reflect this.
Is there something I'm missing here? Thanks