filename is the file that the attributes will be written to. The Security Compliance Manager attributes should be viewable in this file.

Tip: The result of csutil.exe -dumpavpcontains these two attributes, which are added automatically when csutil.exe -addavpis executed:

￿IBM Corporation:SCM:Application-Posture-Token

￿IBM Corporation:SCM:System-Posture-Token

Configuring logging

Logging configuration is crucial for monitoring, reporting, and troubleshooting a NAC implementation.

To set up logging:

1.Click System Configuration on the Cisco Secure ACS main menu.

2.Click Logging.

3.Click CSV Passed Authentications (Figure 7-9).

Figure 7-9 Logging configuration

4.Enable the Log to CSV Passed Authentications report (Figure 7-10 on

page 227) and in the Select Columns To Log list, select the attributes (fields)

226Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

Page 243 Page 245
Page 244
Image 244
IBM Tivoli and Cisco manual Configuring logging, Click CSV Passed Authentications Figure
Page 243 Page 245
Top Page Image Contents