Team I need your assistance. I am new to CX Switches and I have a security requirement to log to an external syslog server any Tacacs authentication to the switch and commands ran. I also need to log any port authentications on the external syslog server. I am running CX-OS 10.08.0001
Tacacs setup on the switch as well as port authentication for mac and 802.1x authentications. I also have the below commands on the switch.
logging (ip) include-auditable-events
logging facility local0
When I look on my syslog server it looks like Tacacs authentications and commands are working after I added the include-auditable-events command. But I am not seeing anything "from the switch" for port auth. I am seeing some messages from my CPPM server for both Tacacs and Radius auths from this switch but I need the info from the switch.
Any ideas?
------------------------------
Alan Scott
------------------------------