Cisco Systems OL-24201-01 External DB Unavailable

12-28

User Guide for Cisco Secure Access Control System 5.3

OL-24201-01

Chapter 12 Managing Alarms

Creating, Editing, and Duplicating Alarm Thresholds

External DB Unavailable

When ACS evaluates this threshold, it examines the RADIUS or TACACS+ failed authentications that

have occurred during the specified interval up to the previous 24 hours.

From these failed authentications, ACS identifies those with the failure reason, External DB unavailable.

Authentication records with this failure reason are grouped by a common attribute, such as ACS

instance, user, and so on, and a count of the records within each of those groups is computed.

If the count of records for any group exceeds the specified threshold, an alarm is triggered. This can

happen if, for example, you configure a threshold as follows:

External DB Unavailable count greater than 5 in the past one hour for a Device IP

If in the past hour, failed authentications with an External DB Unavailable failure reason have occurred

for two different device IP addresses as shown in the following table, an alarm is triggered, because at

least one device IP address has a count greater than 5.

Table 12-21 Unknown NAD

Option Description

Unknown NAD count greater than num in the past time Minutes|Hours for a object, where:

•num values can be any five-digit number greater than or equal to zero (0).

•time values can be 1 to 1440 minutes, or 1 to 24 hours.

•Minutes|Hours value can be Minutes or Hours.

•object values can be:

–

ACS Instance

–

Device IP

Filter

ACS Instance Click Select to choose a valid ACS instance on which to configure your threshold.

Device IP Click Select to choose or enter a valid device IP address on which to configure your threshold.

Protocol Use the drop-down list box to configure the protocol that you want to use for your threshold. Valid

options are:

•RADIUS

•TACACS+

Device IP Count of External DB Unavailable Authentication Records

a.b.c.d 6

e.f.g.h 1