Cisco Systems CSACS3415K9 Manuel D’Utilisation
C H A P T E R
19-1
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
19
Understanding Logging
This chapter describes logging functionality in ACS 5.4. Administrators and users use the various
management interfaces of ACS to perform different tasks. Using the administrative access control
feature, you can assign permissions to administrators and users to perform different tasks.
management interfaces of ACS to perform different tasks. Using the administrative access control
feature, you can assign permissions to administrators and users to perform different tasks.
Apart from this, you also need an option to track the various actions performed by the administrators and
users. ACS offers you several logs that you can use to track these actions and events.
users. ACS offers you several logs that you can use to track these actions and events.
This chapter contains the following sections:
•
•
About Logging
You can gather the following logs in ACS:
•
Customer Logs—For auditing and troubleshooting your ACS, including logs that record daily
operations, such as accounting, auditing, and system-level diagnostics.
operations, such as accounting, auditing, and system-level diagnostics.
•
Debug logs—Low-level text messages that you can export to Cisco technical support for evaluation
and troubleshooting. You configure ACS debug
and troubleshooting. You configure ACS debug
logs, using the
command line interface. Specifically,
you enable and configure severity levels of the ACS debug logs using the command line interface.
See Command Line Interface Reference Guide for Cisco Secure Access Control System 5.4 for more
information.
See Command Line Interface Reference Guide for Cisco Secure Access Control System 5.4 for more
information.
•
Platform logs—Log files generated by the ACS appliance operating system.
Debug and platform logs are stored locally on each ACS server. Customer logs can be viewed centrally
for all servers in a deployment.
for all servers in a deployment.
You can use the following ACS interfaces for logging:
•
Web interface—This is the primary logging interface. You can configure which messages to log and
to where you want the messages logged.
to where you want the messages logged.
•
Command line interface (CLI)—Allows you to display and download logs, debug logs, and debug
backup logs to the local target. The CLI also allows you to display and download platform logs. See
Command Line Interface Reference Guide for Cisco Secure Access Control System 5.4 for more
information.
backup logs to the local target. The CLI also allows you to display and download platform logs. See
Command Line Interface Reference Guide for Cisco Secure Access Control System 5.4 for more
information.