I upgraded from ACS 5.4 to ACS 5.5 about a month ago and just using ACS for TACACS only. After the upgrade on the primary and secondary, I stopped seeing anything in the logs as far as passed and failed TACACS attempts. The weird thing is that the previous logs were still showing up and not any new ones. I can reset the counters on the policy and I do see the hit counters incrementing and I can access equipment with no issues. Is there something that I need to enable when I upgraded to ACS 5.5 from 5.4 that got disabled from the upgrade? I do have the primary node as the collector.
The syslog messages have a sequence number attached. If the Monitoring and Report Viewer goes down or if it is not able to receive messages from ACS, then the Monitoring and Report Viewer retries those missed logs from ACS, using the logging recovery mechanism.
The Monitoring and Report Viewer processes the syslog messages, and identifies any discrepancies in the sequence. In this way, it finds the messages that have been missed.
The Monitoring and Report Viewer then notifies the ACS server to resend the missing log messages. ACS server processes the messages stored in its local store and resends them to the Monitoring and Report Viewer.
For the Recovering Log Messages feature to work as desired, you must enable the Log to Local Target option for the relevant logging categories in ACS under System Administration > Configuration > Log Configuration > Logging Categories > Global.
To enable Recovering Log Messages, from the Monitoring and Report Viewer, select Monitoring Configuration > System Operations > Log Message Recovery.
For more detail, please go through the following link:
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :