Chapter 19 Understanding Logging

ACS 4.x Versus ACS 5.3 Logging

ACS 4.x Versus ACS 5.3 Logging

If you are familiar with the logging functionality in ACS 4.x, ensure that you familiarize yourself with the logging functionality of ACS 5.3, which is considerably different. Table 19-4describes the differences between the logging functionality of ACS 4.x and ACS 5.3.

Table 19-4

ACS 4.x vs. ACS 5.3 Logging Functionality

 

 

 

 

This logging function…

is handled this way in ACS 4.x…

and this way in ACS 5.3

 

 

 

 

 

Log Types

 

AAA-related logs contain information

See Logging Categories, page 19-2.

 

 

 

about the use of remote access services

 

 

 

 

by users.

 

 

 

Audit logs contain information about

 

 

 

 

the ACS system and activities and,

 

 

 

 

therefore, record system-related

 

 

 

 

events.

 

 

 

 

These logs are useful for

 

 

 

 

troubleshooting or audits. CSV audit

 

 

 

 

logs are always enabled, and you can

 

 

 

 

enable or disable audit logs to other

 

 

 

 

loggers. You cannot configure the audit

 

 

 

 

log content.

 

 

 

 

Audit logs can display the actual

 

 

 

 

changes administrators have made for

 

 

 

 

each user. ACS audit logs list all the

 

 

 

 

attributes that were changed for a given

 

 

 

 

user.

 

 

 

 

 

Available Log Targets

CSV Logger

See Remote Syslog Server Target, page 19-8

 

 

Syslog Logger

and Local Store Target, page 19-5.

 

 

 

 

 

ODBC Logger

 

 

 

Remote Logging

 

 

 

 

 

Log File Locations

CSV Logger:

Local store target logs:

 

 

 

sysdrive:\Program Files\CiscoSecu

/opt/CSCOacs/logs/localStore/.

 

 

 

re ACS vx.x.

Remote syslog server target logs:

 

 

 

 

 

 

 

 

/var/log/messages.

 

 

 

 

 

Report Types

 

CSV

See Monitoring and Reporting in ACS,

 

 

Dynamic Administration

page 11-1.

 

 

 

 

 

Entitlement

 

 

 

 

Error Codes and Message Text

For ACS 4.2, CSAuth diagnostic logs

All messages, see Viewing Log Messages,

 

 

display a description of client requests and

page 19-10.

 

 

responses. Previous versions of ACS used a

 

 

 

numeric code for client requests and

 

 

 

responses.

 

 

 

 

 

 

 

User Guide for Cisco Secure Access Control System 5.3

19-12

OL-24201-01

Page 568
Image 568
Cisco Systems OL-24201-01 manual ACS 4.x Versus ACS 5.3 Logging, Csv, 19-12