[tac_plus] tacacs account log not capturing all authentication attempts
heasley
heas at shrubbery.net
Fri Jul 1 14:30:21 UTC 2016
Fri, Jul 01, 2016 at 09:16:40AM -0400, Kevin.Cruse at Instinet.com:
> I have noticed that some authentication attempts do not get logged in
> tacacs_account log. For example, we have some non cisco terminal servers,
> corvils and ciscoworks devices that are configured to authenticate with
> tacacs. Authentication is working and I can verify the users are hitting
> tacacs as a packet capture proves it. However, despite users getting
> authenticated when I check the account log for their ID's, source IP, etc.
> I see nothing. This seems to be either a bug or misconfiguration. Has
> anyone encountered this?
>
>
> accounting file = /var/log/tacacs/tacacs_accounting.log
this is accounting records only and those are produced by the devices
and sent to tacacs. auth succes/failure will go to syslog.
logging = daemon
More information about the tac_plus
mailing list