Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACS Appliance ver 4.1 unable to administration logs

Hi Friends,

I have a ACS appliance 1113 with ACS 4.1 software loaded in my network. Issue what iam facing is i can see the failed, passed authentication and accounting logs but tacacs administration logs file is blank... below is my aaa client configuration

aaa new-model

!

!

aaa authentication login default group tacacs+ local

aaa authorization exec default group tacacs+ local

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting commands 0 default start-stop group tacacs+

aaa accounting commands 1 default start-stop group tacacs+

aaa accounting commands 7 default start-stop group tacacs+

aaa accounting commands 15 default start-stop group tacacs+

any help is highly appreciated.

Regards

Ravi

2 REPLIES
Bronze

Re: ACS Appliance ver 4.1 unable to administration logs

Hi there, I ran into a similar problem ,and added the following line as well:

aaa accounting exec default start-stop group tacacs+. This is so I can see accounting logs.

As for administration logs to log the commands, i needed to install a patch onto my ACS 4.1 Appliance.

I suggest you install the following patch: applAcs-4.1.1.23.5.zip

This resolves bug CSCsg97429 - TACACS+ Command Accounting does not work in ACS 4.1(1) Build 23.

Take care and i hope this resolves your problem.

Re: ACS Appliance ver 4.1 unable to administration logs

This is a known issue on ver 4.1.1 and we need to apply patch ACS 4.1.1.23.5 to fix the issue.

Patch for appliance is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-soleng-3des

Patch name : ACS SE 4.1.1.23.5 accumulative patch

Patch for acs windows is available on

http://www.cisco.com/cgi-bin/tablebuild.pl/acs-win-3des

Patch Name : ACS 4.1.1.23.5 accumulative patch

That should fix the issue,

Regards,

~JG

170
Views
5
Helpful
2
Replies
CreatePlease to create content