Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

ACS 5.2: empty command set in authorization logs "[ CmdAV= ]"

i see only the show commands listed in the tacacs+ authorization logs on ACS 5.2 . Any commands executed from the configuration mode don't show up and only "[ CmdAV= ]" is shown .

authorization for privilege level 15 commands is enabled on the cisco routers. Any idea on how to make the ACS show the configuration commands in the authorization logs ?

Thanks,

Viks

Everyone's tags (3)
3 REPLIES

ACS 5.2: empty command set in authorization logs "[ CmdAV= ]"

Do you have tacacs accounting enabled? Try checking the tacacs accounting logs and see if they exists there. Also what patch level on ACS are you on? You can click on the about button at the top right and there should be a format similar to ACS 5.2.0.26.x where x is your patch level, you can also issue "show version" from cli.

Thanks

Tarik Admani

Tarik Admani *Please rate helpful posts*

ACS 5.2: empty command set in authorization logs "[ CmdAV= ]"

Version: 5.2.0.26.8

Accounting log collection has been turned off on the ACS as they were overwhelming the database

ACS 5.2: empty command set in authorization logs "[ CmdAV= ]"

hi, what could be the reason for configuration mode commands not appearing the authorization logs ?

751
Views
0
Helpful
3
Replies
CreatePlease login to create content