Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
Hall of Fame Super Silver

Upgraded to ACS 5.5 no more logs

I upgraded from ACS 5.4 to ACS 5.5 about a month ago and just using ACS for TACACS only. After the upgrade on the primary and secondary, I stopped seeing anything in the logs as far as passed and failed TACACS attempts. The weird thing is that the previous logs were still showing up and not any new ones. I can reset the counters on the policy and I do see the hit counters incrementing and I can access equipment with no issues. Is there something that I need to enable when I upgraded to ACS 5.5 from 5.4 that got disabled from the upgrade? I do have the primary node as the collector.

Scott

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
1 REPLY
New Member

Upgraded to ACS 5.5 no more logs

Hi Scott,

FYI,

The syslog messages have a sequence number attached. If the Monitoring and Report Viewer goes down or if it is not able to receive messages from ACS, then the Monitoring and Report Viewer retries those missed logs from ACS, using the logging recovery mechanism.

The Monitoring and Report Viewer processes the syslog messages, and identifies any discrepancies in the sequence. In this way, it finds the messages that have been missed.

The Monitoring and Report Viewer then notifies the ACS server to resend the missing log messages. ACS server processes the messages stored in its local store and resends them to the Monitoring and Report Viewer.

For the Recovering Log Messages feature to work as desired, you must enable the Log to Local Target option for the relevant logging categories in ACS under System Administration > Configuration > Log Configuration > Logging Categories > Global.

To enable Recovering Log Messages, from the Monitoring and Report Viewer, select Monitoring Configuration > System Operations > Log Message Recovery.

For more detail, please go through the following link:

http://www.cisco.com/c/en/us/td/docs/net_mgmt/cisco_secure_access_control_system/5-5/user/guide/acsuserguide/viewer_sys_ops.html#wp1052728

749
Views
0
Helpful
1
Replies
CreatePlease to create content