Exclude specific user from ACS logging ?

Answered Question
Mar 4th, 2010
User Badges:

Hi,

.

My customer and I are looking for a way to exclude actions/commands logging on AAA servers (ACS) for a single specific user, though logging still goes on for other users as AAA clients on networks devices have been configured with:

.

aaa accounting commands start-stop tacacs+

.

I have not found any solution up to now, either on the ACS side, either on the IOS side and aaa commands.

.

(Though it looks like a potential security issue), can anyone advise?

.

Thanks for your cooperation.

Yvon.

Correct Answer by jedubois about 7 years 3 months ago

Yvon,

     No you can not exclude a single user from logging.  Accounting is a global command.

     I take it you probably have a script that is generating a large amount of logging data?

--Jesse

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
jedubois Thu, 03/04/2010 - 10:50
User Badges:
  • Cisco Employee,

Yvon,

     No you can not exclude a single user from logging.  Accounting is a global command.

     I take it you probably have a script that is generating a large amount of logging data?

--Jesse

yvon_delgrange Fri, 03/05/2010 - 08:38
User Badges:

Jesse,

Thanks for the confirmation.

I do not really know what is behind this request, but I'll try to understand.

I guess for for this time, we'll live with this situation.

Thanks again. Yvon.

yvon_delgrange Thu, 03/11/2010 - 00:43
User Badges:

Thanks for pointing that out to me. I will have a closer look at this feature.

Actions

This Discussion