Chapter 9 Working with Logging and Reports
Remote Logging
9-24
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
The Remote Logging feature enables Cisco Secure ACS to send accounting data
received from AAA clients directly to the CSLog service on the remote logging
server, where the accounting data is written to the logs. The logging server
generates the accounting logs in the formats it is configured to use—CSV and
ODBC—regardless of the local logging configuration on the Cisco Secure ACSes
sending the data to the central logging server.
Cisco Secure ACS listens on TCP port 2001 for remote logging communication.
Remote logging data is encrypted by a 128-bit proprietary algorithm.
Note
The Remote Logging feature does not affect the forwarding of accounting data for
proxied authentication requests. Cisco Secure ACS only applies Remote Logging
settings to accounting data for sessions authenticated by proxy when accounting
data for sessions authenticated by proxy is logged locally. For more information
about proxied authentication requests and accounting data for sessions
authenticated by proxy, see
Proxy Distribution Table Configuration, page 4-32
.
Implementing Centralized Remote Logging
Before You Begin
Make sure that gateway devices between remote Cisco Secure ACSes and the
central logging Cisco Secure ACS permit the central logging Cisco Secure ACS
to receive data on TCP port 2001.
To implement centralized remote logging, follow these steps:
Step 1
On a Windows 2000 server that you want to use to store centralized logging data,
install
Cisco Secure Access Control Server (Cisco Secure ACS) for Windows Server ve
rsion 3.1. For information about installing Cisco Secure ACS, see the Installation
Guide for Cisco Secure ACS for Windows Server.
Step 2
In the Cisco Secure ACS running on the central logging server, follow these steps:
a.
Configure the accounting logs as needed. All accounting data sent to the
central logging server will be recorded in the way you configure accounting
logs on this Cisco Secure ACS. For information about accounting logs, see
Accounting Logs, page 9-5
.