Configuring logging – IBM Tivoli and Cisco User Manual

226

Building a Network Access Control Solution with IBM Tivoli and Cisco Systems

filename is the file that the attributes will be written to. The Security
Compliance Manager attributes should be viewable in this file.

Configuring logging

Logging configuration is crucial for monitoring, reporting, and troubleshooting a
NAC implementation.

To set up logging:

1. Click System Configuration on the Cisco Secure ACS main menu.

2. Click Logging.

3. Click CSV Passed Authentications (Figure 7-9).

Figure 7-9 Logging configuration

4. Enable the Log to CSV Passed Authentications report (Figure 7-10 on

page 227) and in the Select Columns To Log list, select the attributes (fields)

Tip: The result of

csutil.exe -dumpavp

contains these two attributes,

which are added automatically when

csutil.exe -addavp

is executed:

IBM Corporation:SCM:Application-Posture-Token
IBM Corporation:SCM:System-Posture-Token