System monitoring options – Cisco 3.3 User Manual
Page 324
Chapter 8 System Configuration: Basic
Cisco Secure ACS Active Service Management
8-18
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
System Monitoring Options
You have the following options for configuring system monitoring:
•
Test login process every X minutes—Controls whether or not Cisco Secure
ACS tests its login process. The value in the X box defines, in minutes, how
often Cisco Secure ACS tests its login process. The default frequency is once
per minute, which is also the most frequent testing interval possible.
When this option is enabled, at the interval defined, Cisco Secure ACS tests
authentication and accounting. If the test fails, after four unsuccessful re-tries
Cisco Secure ACS performs the action identified in the If no successful
authentications are recorded list and logs the event.
•
If no successful authentications are recorded—Specifies what action
Cisco Secure ACS takes if it detects that its test login process failed. This list
contains several built-in actions and reflects actions that you define. The
items beginning with asterisks (*) are predefined actions.
–
*Restart All—Restart all Cisco Secure ACS services.
–
*Restart RADIUS/TACACS+—Restart only the RADIUS and
TACACS+ services.
–
*Reboot—Reboot Cisco Secure ACS.
–
Custom actions—You can define other actions for Cisco Secure ACS to
take upon failure of the login process. Cisco Secure ACS can execute a
batch file or executable upon the failure of the login process. To make a
batch or executable file available in the on failure list, place the file in the
following directory:
drive
:\
path
\CSMon\Scripts
where drive is the local drive where you installed Cisco Secure ACS and
path is the path from the root of drive to the Cisco Secure ACS directory.
–
Take No Action—Leave Cisco Secure ACS operating as is.
•
Generate event when an attempt is made to log in to a disabled
account—Specifies whether Cisco Secure ACS generates a log entry when a
user attempts to log in to your network using a disabled account.
•
Log all events to the NT Event log—Specifies whether Cisco Secure ACS
generates a Windows event log entry for each exception event.