Cisco 3.3 User Manual
Page 435
11-3
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 11 Logs and Reports
Special Logging Attributes
The content of these attributes is determined by the values entered in the
corresponding fields in the user account. For more information about user
attributes, see
User Data Configuration Options, page 3-3
.
•
ExtDB Info—If the user is authenticated with an external user database, this
attribute contains a value returned by the database. In the case of a Windows
user database, this attribute contains the name of the domain that
authenticated the user.
In entries in the Failed Attempts log, this attribute contains the database that
last successfully authenticated the user. It does not list the database that failed
the user authentication attempt.
•
Access Device—The name of the AAA client sending the logging data to
Cisco Secure ACS.
•
Network Device Group—The network device group to which the access
device (AAA client) belongs.
•
Filter Information—The result of network access restrictions (NARs)
applied to the user, if any. The message in this field indicates whether all
applicable NARs permitted the user access, all applicable NARs denied the
user access, or more specific information about which NAR denied the user
access. If no NARs apply to the user, this logging attribute notes that no
NARs were applied.
The Filter Information attribute is available for Passed Authentication and
Failed Attempts logs.
•
Device Command Set—The name of the device command set, if any, that
was used to satisfy a command authorization request.
The Device Command Set attribute is available for Failed Attempts logs.
•
Remote Logging Result—Whether a forwarded accounting packet is
successfully processed by a remote logging service. This attribute is useful
for determining which accounting packets, if any, may not have been logged
by a central logging service. It is dependent upon the receipt of an
acknowledgment message from the remote logging service. The
acknowledgment message indicates that the remote logging service properly
processed the accounting packet in the manner that the remote logging
service is configured to do. A value of
Remote-logging-successful
indicates that the remote logging service successfully processed the
accounting packet. A value of
Remote-logging-failed
indicates that the
remote logging service did not process the accounting packet successfully.