I had started this conversation in the "General" area (I think incorrectly) so I'm going to post it in here as well (just in case - appologies to the moderators).
In our aaa implementation we use tacacs with the local db as backup. Well, I'm trying to harden security. I know IOS has this nice little command:
âlogin on-failure log every xâ
This would be great so we could at least see the syslog message and have an idea if someone is trying to get into a piece of our equipment without having to try and watch the "Failed Attemps" report in ACS - but given we are using Tacacs, the only way this will throw a message is if ACS isn't available.
I'd like to know if there is a way for ACS to give us this information. Or, to get syslog messages to get thrown.