Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS 5.1 login snmp tracking

Hello sirs,

Could you please answer a little question.

Is it possible to track failed login attempts to ACS instances  (both on CLI and web GUI) by snmp?

Unfortunately i haven't found such option in

Monitoring and Reports > Alarms > Thresholds >
2 REPLIES
New Member

ACS 5.1 login snmp tracking

I've figured out how to monitor failed attempts via syslog. However there is another trouble. We've many servers in a distributed deployment. Syslog set to global on all servers through our primary server (syslog writes to the syslog server and log collector). Log collector placed on the secondary server. Syslog server receives log messages about administrator logins  to the primary server, but it hasn't received any messages from another servers in deployment. I've changed settings on the primary server and it seem's that on secondary servers this setting was changed automatically (according to GUI). What can be source of problem? All related ports on fw's are open.

And there is another issue. Is that possible to monitor CLI login attempts through syslog?

I've found only this messages in catalog:

10006     INFO     Administrator Authentication and Authorization     AAC     Administrator authentication failed

33103     INFO     Internal Operations Diagnostics     CLI     User login to ACS configuration mode failed

51000     NOTICE     Administrative and Operational Audit     Administrator-Login     Administrator authentication failed

Sorry for my poor English.

New Member

ACS 5.1 login snmp tracking

So, syslog on secondary servers wasn't work because of stopped syslog process. Issue war resolved by rebooting the secondary server.

Hope that info will be helpfull for somebody.

I'm still intresting in login attempts monitoring on CLI, can anybody help?

475
Views
0
Helpful
2
Replies