Wired Intelligent Edge

 View Only
last person joined: 5 hours ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

Syslog for Tacacs and Radius Authentications

This thread has been viewed 7 times

  • 1.  Syslog for Tacacs and Radius Authentications

    Posted Sep 08, 2021 10:35 PM

    Team I need your assistance.   I am new to CX Switches and I have a security requirement to log to an external syslog server any Tacacs authentication to the switch and commands ran.  I also need to log any port authentications on the external syslog server.  I am running CX-OS 10.08.0001

    Tacacs setup on the switch as well as port authentication for mac and 802.1x authentications.   I also have the below commands on the switch.

    logging (ip) include-auditable-events
    logging facility local0

    When I look on my syslog server it looks like Tacacs authentications and commands are working after I added the include-auditable-events command.  But I am not seeing anything "from the switch" for port auth.   I am seeing some messages from my CPPM server for both Tacacs and Radius auths from this switch but I need the info from the switch.

    Any ideas?



    ------------------------------
    Alan Scott
    ------------------------------