C.3. accounting, C.3.1. example: routing messages to tacacs+ log, Accounting – MultiDyne ACI-2058 User Manual
Appendix C: Configuring the TACACS+ Server
A54-3000-100 A, APCON, Inc.
C.3. Accounting
The syslog handles the accounting or audit trail. You can configure the APCON switch to send audit events to up to three syslog servers.
By default, the messages from APCON switches are placed into /var/log/messages on the server(s). You can then redirect these messages either to a file specific to APCON switches or to the file used by the TACACS+ server.
C.3.1. Example: Routing Messages To TACACS+ Log
The next example redirects the messages to the TACACS+ server file. It assumes the
TACACS+ server is configured to send its messages to /var/log/tacacs.
The syslog redirects messages by service. All messages for a given service that exceed the specified threshold are rerouted to the file. The local6 service was chosen because it is unused on the local network. Your choice depends on the services used by your network and supported by your syslog server.
Note
The syslog configuration syntax and location of files depend on the operating system and syslog on your servers. The server used in this example is the default syslog server running on Fedora 6 Linux.

Add the following two lines to /etc/syslog.conf on your servers.

# Route messages from Apcon switch
local6.=notice /var/log/tacacs

This causes messages from service local6 with a severity exactly matching notice to be sent to /var/log/tacacs. You must send a HUP signal to the syslog server so that it rereads its configuration file.

Note
The exact command syntax and file location depend on the version of syslog your server is running.

You must configure the APCON switches to match the servers. You can configure APCON switches using either of these:

• Command line: The next example shows the syslog being configured from the command line interface. Typing a "?" for facility and severity displays the possible values.

Six Corners>> configure service syslog
syslog servers:
Server 1
IP Address? [10.1.108.0]:
Enable a second server? [Y/n] Y
Server 2
IP Address? [10.1.100.50]:
Enable a third server? [y/N] N
Facility? [22] (? for help): 22
Severity? [5] (? for help): 5
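
The facility and severity numbers entered at the switch prompt (22 and 5) are the numeric codes for local6 and notice used in the server rule. The following Python sketch is an added example, not part of the manual: it computes the syslog PRI value for those settings, decodes a constructed sample line, and evaluates the `local6.=notice` selector against it. It assumes sysklogd-style selector semantics and handles only the `fac.sev` and `fac.=sev` forms; the sample message and function names are illustrative.

```python
import re

# Standard syslog facility and severity codes (RFC 3164 / RFC 5424).
FACILITIES = {"kern": 0, "user": 1, "mail": 2, "daemon": 3, "auth": 4,
              "syslog": 5, "lpr": 6, "news": 7, "uucp": 8, "cron": 9,
              "authpriv": 10, "ftp": 11,
              **{f"local{i}": 16 + i for i in range(8)}}
SEVERITIES = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
              "warning": 4, "notice": 5, "info": 6, "debug": 7}


def encode_pri(facility: int, severity: int) -> int:
    """PRI value the sender places in <...> at the start of each message."""
    return facility * 8 + severity


def decode_pri(line: str) -> tuple:
    """Return (facility, severity) from a raw syslog line such as '<181>...'."""
    m = re.match(r"<(\d{1,3})>", line)
    if not m or int(m.group(1)) > 191:  # 191 = local7.debug, the highest PRI
        raise ValueError("missing or invalid PRI")
    return divmod(int(m.group(1)), 8)


def selector_matches(selector: str, facility: int, severity: int) -> bool:
    """Evaluate one selector: fac.sev (sev or more severe) or fac.=sev (exact)."""
    fac, _, sev = selector.partition(".")
    if fac != "*" and FACILITIES[fac] != facility:
        return False
    if sev == "*":
        return True
    if sev.startswith("="):
        return SEVERITIES[sev[1:]] == severity
    # A lower number is more severe, so "notice" also matches warning, err, ...
    return severity <= SEVERITIES[sev]


if __name__ == "__main__":
    rule = "local6.=notice"  # rule from this page
    # Constructed sample line, not captured from a real switch.
    sample = "<181>Jan  1 00:00:00 switch1 audit: user admin logged in"
    fac, sev = decode_pri(sample)
    print(encode_pri(22, 5), (fac, sev), selector_matches(rule, fac, sev))
    # Same facility at severity 4 (warning): the exact-match rule skips it,
    # while a plain "local6.notice" rule would still write it to the file.
    print(selector_matches(rule, 22, 4), selector_matches("local6.notice", 22, 4))
```

If the switch were set to a different severity than the one in the `.=` rule, its audit messages would not reach /var/log/tacacs, which is why the switch settings must match the server configuration.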