Cisco Acs 57 User Guide
Have a look at the manual Cisco Acs 57 User Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
9 Managing Reports Saving and Scheduling Reports Saved Reports, page 9 Scheduled Reports, page 10 Saved Reports This section contains the following topics: Saving Reports, page 9 Editing Saved Reports, page 9 Deleting Saved Reports, page 10 Saving Reports You can customize a report and save the changes as a new report. The saved reports are displayed under Saved and Scheduled reports section of Reports web interface. 1.Run a report as described in Running Reports, page 3. 2.Click Save As in the top right-hand corner of the report summary page. 3.Choose Report. 4.Enter the Name and Description in the dialog box. 5.Click Save. The report is now saved along with the selected filter values. Note: You can edit the report name and description of the saved reports. To edit the report name and description of the saved reports, select the report that you want to edit and click Edit Setting. Editing Saved Reports You can customize a report and save that as a new report in Saved reports page. The saved reports appear with the customized filters. You can add new filters or remove the existing filters, edit them, and save that as a new report. You can customize a saved report and save that report as a new report using the Save As New option. 1.Monitoring and Reports > Reports > Saved and Scheduled Reports > Saved Reports. 2.Select the report that you want to edit. The selected saved reports appear with the existing filters. 3.You can add or remove filters from the Filters drop-down list: To add filters, select the required filters from the Filters drop-down list. You can find a green color tick mark near the selected filters. To remove filters, deselect the filters from the Filters drop-down list. The green color tick mark disappears after you deselect it. 4.Click OK. Selected filters appears under the saved reports with its default values.
1 Managing Reports Saving and Scheduling Reports 5.Enter the required details for the selected filters and click Run. 6.Click Save As in the top right-hand corner of the report summary page. 7.Choose Report. 8.Enter the Name and Description in the dialog box. 9.Click Save to save the report or Save As New to save this report as a new report. If you click Save, ACS overrides the existing customization and save this report. If you click Save As New, ACS do not override the existing customization. The edited report is now saved as a new report with the name specified. Deleting Saved Reports To delete a report from the Saved Reports page: 1.Choose Monitoring and Reports > Reports > Saved and Scheduled Reports > Saved Reports. 2.Select the report that you want to delete, and click Delete. 3.Click OK to confirm that you want to delete the selected saved report. The Saved Report is now deleted. Related Topics Saving Reports, page 9 Scheduled Reports In ACS 5.7, you can schedule reports for a future date in such a way that ACS automatically generates the report. This can be done using the scheduled reports feature available in the Saved and Scheduled Reports drawer of Reports web interface. In ACS 5.5, this feature is available only for the RADIUS authentication, RADIUS accounting, TACACS+ authentication, TACACS+ authorization, and TACACS+ accounting reports. But in ACS 5.7, this feature is available for all the ACS Reports other than a few reports listed below. You cannot schedule the following reports in ACS 5.7: ACS Health Summary ACS Instance Authentication Summary Top N Authentication by ACS Instance AAA Down Summary Top N AAA Down By Network Device RBACL Drop Summary RADIUS Active Sessions RADIUS Session History RADIUS Terminated Sessions
1 Managing Reports Saving and Scheduling Reports TACACS Active Sessions TACACS Session History TACACS Terminated Sessions In ACS 5.7, you have the option to configure the remote repository to which the generated reports are exported and stored. ACS generates the scheduled reports based on the given time range, exports them to a comma separated values file, and stores them in the specified remote repository. An email notification is sent whenever a scheduled report is generated successfully. To receive a email notification for the scheduled reports, you need to configure the email server details on the Email Settings page. See Specifying E Mail Settings, page 14 to configure email server details. The email notification contains the following information: File Name—Name of the generated report file. The format of the filename is RptExp____.csv. For instance, if the name of the scheduled report is “report1”, then the filename is displayed as: RptExp_acsadmin_report1_2014-08-05_14-00-00.000000182.csv. Repository Name—Name of the remote repository where the generated reports are stored. Generated on—The date and time at which the report is generated. ACS does not generate any alarms or email notifications if a scheduled report generation fails. To know the status of the scheduled reports, go to the Monitoring Configuration > System Operations > Scheduler page and check for the status. This section contains the following topics: Scheduling Reports, page 11 Deleting Scheduled Reports, page 13 Note: When you upgrade from ACS 5.5 to 5.7, the existing Scheduled Reports in ACS 5.5 will be displayed under Saved and Scheduled Reports > Scheduled Reports Page in ACS 5.7. Scheduling Reports To schedule ACS reports: 1.Choose Monitoring and Reports > Reports > Saved and Scheduled Reports > Scheduled Reports. 2.Run the report as described in Running Reports, page 3. 3.Click Save As in the top right-hand corner of the report summary page. 4.Choose Scheduled Report. The Scheduled Reports properties page appears. Complete the fields in the Scheduled Reports page as described Ta b l e 1 on page 11. Table 1 Scheduled Reports Properties Page Option Description Identification Name (Required) Name of the scheduled report. Description (Optional) A brief description of the scheduled report.
1 Managing Reports Saving and Scheduling Reports Repository (Required) Select a remote repository from the drop-down list to export and store in it. You need to configure the remote repositories using the ACS CLI interface or the ACS web interface. Send Email Notification (Required) Enter the email address to which an email notification or alarm should be sent upon successful generation of the scheduled report. You can add multiple email addresses separating them with a comma. You will not receive an email for the scheduled reports if you do not configure the email server details on the Email Settings page. To configure email server details, see Specifying E Mail Settings, page 14. Schedule Frequency (Required) Select the frequency of the scheduled report from the drop-down list. The available frequencies are One Time, hourly, daily, weekly, and monthly. One Time—ACS generates the report only once based on the schedule. Hourly—ACS generates the report on an hourly basis for the specified time period. Daily—ACS generates the report every day at the specified time. Weekly—ACS generates the report on the specified day or days of every week. You must configure the day or days in the Day option. Monthly—ACS generates the report on the specified day or days of every month. You must configure the day or days in Day option. Yearly—ACS generates the report on the specified day of the selected month. You must configure the day, month, and time. At Time (Required) Select the hour and minutes of the day at which the report should be triggered. The time ranges between 12:00 AM and 11:30 PM. For example, if you select 6:30 AM, the report is generated at 6:30 a.m. for the specified time period. Every (Optional) Select the hour (n) of the day from the drop-down list to run the report for every n hour on that day between the configured time interval. In addition, select the time range from the drop-down list for which you want ACS to generate the report between xand yhours. For example, if you select 3 hours and run between 8 AM and 5 PM, then the report runs for every three hours between 8 AM and 5 PM. This option appears only when you select the frequency as hourly. Month (Optional) Select the month on which you want to run your report. This option appears only when you select the frequency as Monthly. Table 1 Scheduled Reports Properties Page (continued) Option Description
1 Managing Reports Favorite Reports 5.Click Save. The scheduled report is saved. Deleting Scheduled Reports To delete a report from the Scheduled Reports page: 1.Choose Monitoring and Reports > Reports > Saved and Scheduled Reports > Scheduled Reports. 2.Select the report that you want to delete, and click Delete. 3.Click OK to confirm that you want to delete the selected report. The Scheduled Report is now deleted. Favorite Reports You can add reports that you most frequently use to your Favorites page so that you do not have to navigate each time to get to your favorite report. In ACS 5.5, you can customize the catalog reports (ACS reports in ACS 5.7) and add them to favorite reports along with the customized parameters so that you can run the customized report from favorite reports section next time. But in ACS 5.7, the favorite reports provide the same functionality of ACS reports. When you upgrade from ACS 5.5 or 5.6 to 5.7, the existing favorite reports in ACS 5.5 or 5.6 will be displayed under Saved reports section in ACS 5.7. The favorite reports section in ACS 5.7 displays the following default favorite reports: ACS Configuration Audit ACS System Diagnostics RADIUS Authentication TACACS Authentication On Day (Optional) Check the check boxes the days or select the day from the drop-down list on which to generate the reports. This option over rules the Frequency sometimes. For example, if you select the frequency as daily and select the days Monday, Tuesday, and Thursday; the reports are generated only for the selected days and not daily. When you set the frequency as hourly, daily, or weekly, this option displays the check boxes from Monday to Sunday. You need to check the appropriate check box or boxes the days. When you set the frequency as monthly or yearly, this option displays the a drop-down list that ranging from day 1 through 31 and last day. You need to select day from the drop-down list. For example, if you select 5 from the drop-down list, the reports run on 5th day of every month. Start Date (Optional) Click the icon the Start Date field to select a date from when you want ACS to start generating the scheduled reports. The date format is YYYY/MM/DD. End Date (Optional) Click the icon the End Date field to select a date on which you want ACS to stop generating the scheduled reports. The date format is YYYY/MM/DD. Table 1 Scheduled Reports Properties Page (continued) Option Description
1 Managing Reports Available Reports This section contains the following topics: Adding Favorite Reports, page 14 Deleting Reports from Favorites, page 14 Adding Favorite Reports You can add preconfigured system reports to your favorites list, as well as reports that you have customized. You can add reports that you use frequently to a list of favorites to make them easier to find, similar to how you bookmark favorite websites in a browser. You can view and edit the parameters of your favorite reports, and then save the customized reports for reuse. To add a report to your Favorites page: 1.Select Monitoring and Reports > Reports > ACS Reports > report_type >, where report_type is the type of report. The available reports for the report type you selected are displayed. 2.Run a report, as described in Running Reports, page 3. 3.Click Favorite in the top right-hand corner of the report summary page. The report appears in your Favorites list. Deleting Reports from Favorites To delete a report from the Favorites page: 1.Select Monitoring and Reports > Reports > Favorites. 2.Select the report that you want to delete from favorites, and click Unfavorite in the top right-hand corner of the report summary page. The selected report disappears from the Favorites section. Note: Favorite Reports in ACS may disappear from the Reports web interface after every database purge activity. This issue occurs when the report is created by an external identity store user. At the time of database purge activity, ACS verifies the internal user database to check if the user who created the favorite reports is available in the internal identity store users list. If the user is not available in the internal identity store user list, ACS deletes that report from the Reports web interface. The workaround for this issue is to create a local ACS administrator with the same name as the external identity store user, so that the favorite reports will not be deleted after every database purge activity. Note: When you delete a system report from the Favorites page, the system report is not displayed in the favorites page. The system report will not be deleted from the ACS Reports section. Note: The shared reports that were created in ACS 5.5 or 5.6 are deleted after you upgrade to ACS 5.7. Available Reports Table 2 on page 15 lists the preconfigured reports, grouped according to their category. Descriptions of the report functionality and logging category are also provided. These reports are available when you select Monitoring and Reports, launch Monitoring and Report Viewer, and then select Monitoring and Reports > Reports > ACS Reports.
1 Managing Reports Available Reports Table 2 Available Reports Report Name Description Logging Category AAA Protocol AAA diagnostics Provides AAA diagnostic details based on severity for a selected time period.Policy diagnostics, identity stores diagnostics, authentication flow diagnostics, RADIUS diagnostics, TACACS+ diagnostics Authentication Trend Provides RADIUS and TACACS+ authentication summary information for a selected time period; along with a graphical representation.Passed authentications, failed attempts RADIUS Accounting Provides user accounting information based on RADIUS for a selected time period.RADIUS accounting RADIUS Authentication Provides RADIUS authentication details for a selected time period.Passed authentications, failed attempts TACACS Accounting Provides user or command accounting information for TACACS+ authentications for a selected time period.TACACS+ accounting TACACS Authentication Provides TACACS+ authentication details for a selected time period.Passed authentications, failed attempts TACACS Authorization Provides TACACS+ authorization details for a selected time period.Passed authentications, failed attempts Access Service Access Service Authentication SummaryProvides RADIUS and TACACS+ authentication summary information for a particular access service for a selected time period; along with a graphical representation.Passed authentications, failed attempts Top N Authentications By Access ServiceProvides the top N passed, failed, and total authentication count for RADIUS and TACACS+ authentications with respect to the access service for a selected time period.Passed authentications, failed attempts ACS Instance ACS Administrator EntitlementShows the role of the administrator in ACS and the: Tasks in ACS that the administrator is entitled to access Privileges that the administrator has for each of those operationsNone ACS Administrator Logins Provides access-related events for administrators that includes login, logout, events, and reasons for failed login attempts.Administrative and operational audit ACS Configuration Audit Provides all the configuration changes done in ACS by the administrator for a selected time period.Administrative and operational audit
1 Managing Reports Available Reports ACS Health Summary Provides the CPU, memory utilization, RADIUS and TACACS+ latency and throughput (in tabular and graphical formats). It also gives process status, process downtime, and disk space utilization for a particular ACS instance in a selected time period.System statistics ACS Instance Authentication SummaryProvides RADIUS and TACACS+ authentication summary information for a particular ACS instance for a selected time period; along with a graphical representation. This report could take several minutes to run depending on the number of records in the database. When you reload this report, if rate of incoming syslog messages is around 150 messages per second or more, the total number of passed and failed authentications that appear above the graph and the passed and failed authentication count that is displayed in the table do not match.Passed authentications, failed attempts ACS Log Information Provides ACS log information for a particular log category and ACS server for a selected time period.All log categories ACS Operations Audit Provides all the operational changes done in ACS by the administrator for a selected time period.Administrative and operational audit ACS System Diagnostics Provides system diagnostic details based on severity for a selected time period.Internal Operations Diagnostics, distributed management, administrator authentication and authorization Top N Authentication by ACS InstanceProvides the top N passed, failed, and total authentication count for RADIUS and TACACS+ protocol with respect to a particular ACS instance for a selected time period.Passed authentications, failed attempts User Change Password Audit Provides the username of the internal user, identity store name, name of the ACS instance, and time when the user password was changed. Helps to keep track of all changes made to internal user passwords across all ACS interfaces.Administrative and operational audit Endpoint Endpoint MAC Authentication SummaryProvides the RADIUS authentication summary information for a particular MAC or MAB for a selected time period; along with a graphical representation.Passed authentications, failed attempts Top N Authentications By Endpoint MAC AddressProvides the top N passed, failed, and total authentication count for RADIUS protocol with respect to MAC or MAB address for a selected time period.Passed authentications, failed attempts Table 2 Available Reports (continued) Report Name Description Logging Category
1 Managing Reports Available Reports Top N Authentications By MachineProvides the top N passed, failed, and total authentication count for RADIUS protocol with respect to machine information for a selected time period.Passed authentications, failed attempts Failure Reason Authentication Failure Code LookupProvides the description and the appropriate resolution steps for a particular failure reason.N/A Failure Reason Authentication SummaryProvides the RADIUS and TACACS+ authentication summary information for a particular failure reason; along with a graphical representation for a selected time period.Failed attempts Top N Authentications By Failure ReasonProvides the top N failed authentication count for RADIUS and TACACS+ protocols with respect to Failure Reason for a selected time period.Failed attempts Network Device AAA Down Summary Provides the number of AAA unreachable events that a NAD logs within a selected time period.N/A Network Device Authentication SummaryProvides the RADIUS and TACACS+ authentication summary information for a particular network device for a selected time period, along with the graphical representation.Passed authentications, failed attempts Network Device Log MessagesProvides you the log information of a particular network device, for a specified time period.N/A Session Status Summary Provides the port sessions and status of a particular network device obtained by SNMP. This report uses either the community string provided in the report or the community string configured in the web interface Monitoring And Reports -> Launch Monitoring And Report Viewer -> Monitoring Configuration -> SNMP Settings.N/A Top N AAA Down By Network DeviceProvides the number of AAA down events encountered by each of the network devices.N/A Top N Authentications by Network DeviceProvides the top N passed, failed, and total authentication count for RADIUS and TACACS+ protocols with respect to network device for a selected time period.Passed authentications, failed attempts Security Group Access RBACL Drop Summary Provides a summary of RBACL drop events for a selected time period.N/A SGT Assignment Summary Provides a summary of SGT assignments for a selected time period.Passed authentications Top N RBACL Drops By DestinationProvides the top N RBACL drop event count with respect to destination for a selected time period.N/A Top N RBACL Drops By User Provides the top N RBACL drop event count with respect to the user for a selected time period.N/A Table 2 Available Reports (continued) Report Name Description Logging Category
1 Managing Reports Available Filters Note: ACS 5.7 displays a detailed audit reports on ACS configuration audit reports page for creating, editing, or re-ordering access service policies from the ACS web interface. Available Filters ACS 5.7 provides you an option to select the filter values from the available values for all the filters. You have to enter the first three letters of the filter values in the filter fields. ACS displays the available values after entering the first three letters. Note: Not all options listed in Table 3 on page 19 are used in selecting data for all reports. Top N SGT Assignments Provides the top N SGT assignment count for a selected time period.Passed authentications Session Directory RADIUS Active Sessions Provides information on RADIUS authenticated, authorized, and started sessions. RADIUS Active Sessions report allows you to dynamically control active RADIUS sessions. With this feature, you can send a reauthenticate or disconnect request to a NAD to: Reauthenticate the user Terminate the session Terminate the session and restart the port Terminate the session and shut down the portPassed authentications, RADIUS accounting RADIUS Session History Provides a summary of RADIUS session history, such as total authenticated, active, and terminated sessions and total and average session duration and throughput for a selected time period.Passed authentications, RADIUS accounting RADIUS Terminated SessionsProvides all the RADIUS terminated session information for a selected time period.Passed authentications, RADIUS accounting TACACS Active Sessions Provides information on TACACS+ active sessions. TACACS+ accounting TACACS Session History Provides TACACS+ session history summary, such as total active and terminated sessions and total and average session duration and throughput for a selected time period.TACACS+ accounting TACACS Terminated SessionsProvides TACACS terminated session details for a selected time period.TACACS+ accounting User Top N Authentications By UserProvides top N passed, failed, and total authentication count for RADIUS and TACACS+ protocol with respect to users for a selected time period.Passed authentications, failed attempts User Authentication SummaryProvides RADIUS and TACACS+ authentication summary information for a particular user for a selected time period; along with the graphical representation.Passed authentications, failed attempts Table 2 Available Reports (continued) Report Name Description Logging Category