Wired Intelligent Edge

last person joined: 7 hours ago 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.

Syslog for Tacacs and Radius Authentications

This thread has been viewed 5 times
  • 1.  Syslog for Tacacs and Radius Authentications

    Posted 17 days ago

    Team I need your assistance.   I am new to CX Switches and I have a security requirement to log to an external syslog server any Tacacs authentication to the switch and commands ran.  I also need to log any port authentications on the external syslog server.  I am running CX-OS 10.08.0001

    Tacacs setup on the switch as well as port authentication for mac and 802.1x authentications.   I also have the below commands on the switch.

    logging (ip) include-auditable-events
    logging facility local0

    When I look on my syslog server it looks like Tacacs authentications and commands are working after I added the include-auditable-events command.  But I am not seeing anything "from the switch" for port auth.   I am seeing some messages from my CPPM server for both Tacacs and Radius auths from this switch but I need the info from the switch.

    Any ideas?

    Alan Scott