Cisco Systems 3.3 Server User Manual


  Open as PDF
of 860
 
11-27
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 11 Logs and Reports
Remote Logging
generates the accounting logs in the formats it is configured to use—CSV and
ODBC—regardless of the local logging configuration on the Cisco Secure ACSes
sending the data to the central logging server.
Cisco Secure ACS listens on TCP port 2001 for remote logging communication.
Remote logging data is encrypted by a 128-bit proprietary algorithm.
Note The Remote Logging feature does not affect the forwarding of accounting data for
proxied authentication requests. Cisco Secure ACS only applies Remote Logging
settings to accounting data for sessions authenticated by proxy when accounting
data for sessions authenticated by proxy is logged locally. For more information
about proxied authentication requests and accounting data for sessions
authenticated by proxy, see Proxy Distribution Table Configuration, page 4-34.
Implementing Centralized Remote Logging
Before You Begin
Make sure that gateway devices between remote Cisco Secure ACSes and the
central logging Cisco Secure ACS permit the central logging Cisco Secure ACS
to receive data on TCP port 2001.
To implement centralized remote logging, follow these steps:
Step 1 On a computer that you want to use to store centralized logging data, install
Cisco Secure ACS for Windows Server. For information about installing
Cisco Secure ACS, see the Installation Guide for Cisco Secure ACS for Windows
Server.
Step 2 In the Cisco Secure ACS running on the central logging server, follow these steps:
a. Configure the accounting logs as needed. All accounting data sent to the
central logging server will be recorded in the way you configure accounting
logs on this Cisco Secure ACS. For information about accounting logs, see
Accounting Logs, page 11-6.
Accounting logs can be recorded in either CSV or ODBC format. For
information about configuring CSV logs, see Working with CSV Logs,
page 11-15. For information about configuring ODBC logs, see Configuring
an ODBC Log, page 11-23.
 previous next