Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS 4.1 fails to record command to log file

Hi

I am having problems making ACS 4.1 record user command information to the tacacs+ log file. I have set both the cmd and cmd-arg fields for the log but all I get is this:

Date Time User-Name Group-Name Caller-Id Acct-Flags elapsed_time service task_id addr NAS-Portname NAS-IP-Address cmd

01/02/2008 16:48:55 mark Group 1 10.11.128.82 start .. shell 269 .. tty1 10.11.2.42 ..

I have attached two files one csv with the log contents and the other showing the AAA config and the log configuration on the ACS server. Any thoughts would be appreciated.

Regards,

Mark

3 REPLIES
Silver

Re: ACS 4.1 fails to record command to log file

This is a known issue with ACS. You need

to upgrade the ACS 4.1 with a hotfix and

the accounting will be fixed.

CCIE Security

New Member

Re: ACS 4.1 fails to record command to log file

Hi

I have applied the patch Acs-4.1.1.23.4-SW and the version in the acs console is reported as Release 4.1(1) Build 23 Patch 4

Unfortunatly no detail is being written to tacacs+ for command accounting.

Any thoughts more than welcome.

Mark

New Member

Re: ACS 4.1 fails to record command to log file

Hi

Found the problem :-) Looking in the wrong log. You would have thought that the detail would be written to the accounting log !! But no it goes into the administration log.

Happy now, Thanks for all the help

Mark

139
Views
0
Helpful
3
Replies