I am looking for some help in setting up my router to where it reports to my CSACS all commands executed by users. For example, I login as the user bbaggins and I make changes to an ACL configuration, is there a way for the commands I typed in to be logged by the ACS?
Thanks for your help.
You need to set up tacacs for that. Here are the commands.
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
Command accounting logs are stored in tacacs administration logs. Also there is a known issue on ver 4.1.1 and we need to apply patch ACS 188.8.131.52.5 to fix the issue.
Patch for appliance is available on
Patch name : ACS SE 184.108.40.206.5 accumulative patch
Patch for acs windows is available on
Patch Name : ACS 220.127.116.11.5 accumulative patch
Do rate helpful posts