Home Technologies Products & Prices Services User Guides Contact Us
home
aaa-reports! enterprise
aaa-reports! v2
ACS v5 Support
csvsync
csvsplit

 

About us...
extraxi offers world class products & consultancy in the field of enterprise AAA and data migration with a number of ex-cisco personnel who have helped secure some of the worlds largest fixed and wireless deployments

 
csvsync for Cisco Secure ACS v3.x/4.x

NEW! csvsync now supports downloading the ACS "package.cab"

automated csv log capture from multiple ACS Servers
csvsync allows you to download CSV reports files from any number of ACS 3.x/4.x servers (windows & appliance vesions) via the http(s) automation interface. It connects to the ACS web admin service (CSAdmin) via http(s) messages in much the same way as your web browser. This makes it very simple to use... no agent software to install on the ACS server - all you need do is create an ACS admin user account for csvsync. If your web browser can connect to the ACS Admin page - then so can csvsync.

For customers with the ACS solution engine (appliance version) this is particularly valuable because the Cisco remote logging agent does not support ALL of the available csv types (eg admin audit, appliance admin, user password changes etc). As the appliance has only limited hard disk space important information could be lost as log files rollover and are deleted. Further still it allows for "bulk" collection of log data at pre-defined times and therefore makes more efficient use of valuable WAN bandwidth. Cisco's remote logging is also an expensive solution for large ACS deployments - requiring a dedicated primary/backup Windows Server pair for every 5 ACS servers!

csvsync is a simple to use windows command-line executable that will pull down the csv files for one or more ACS report types (eg failed attempts, RADIUS accounting etc) into the desired location onto the user's computer. csvsync only pulls down csv files that are new - this prevents it from downloading the same files multiple times and keeps the execution time to a minimum. When downloading from multiple ACS servers, csvsync can optionally add the server name or other reference as a suffix to the filename. This avoids issues with clashing filenames and aids in general file management.

csvsync v3.0.1 now offers support for downloading the ACS support "package.cab" file. This is great if you intend on regularly importing the ACS database into aaa-reports! for configuration document and audit compliance reporting!

csvsync is the perfect companion for aaa-reports! allowing for fast, secure and automated download of your ACS log data. However, csvsync can still be used stand-alone for the purposes of automated log retrieval and archiving.

 

     
  csvsync is substantially cheaper to deploy than Cisco's Remote Agent Logging solution and has none of the limitations - particularly if you have multiple ACS servers. It can collect ALL the csv logs from ANY number of ACS servers (no upper limit), of ANY ACS 3.x/4.x version (including mixed versions), of BOTH software and appliance. You dont need to worry about agent software, dedicated logging servers (and failovers!) AND your ACS servers will perform better because remote logging is very costly both in CPU loading and round trip time.

In short no other solution comes close to csvsync.

 
     

csvsync usage

csvsync is ideal for use in conjunction with the Windows Scheduler service to provide regular automated downloads. As the name suggests, csvsync knows about the files already downloaded and only pulls down new files each time it runs. We recommend you write a .bat or .cmd file, for example:

     
  MyCsvSync.bat:

csvsync -i 10.96.34.1 -u admin -p 123456 -r all  -s " ACS1" -f c:\csvs
csvsync -i 10.96.34.2 -u admin -p 123456 -r all  -s " ACS2" -f c:\csvs
csvsync -i 10.96.34.3 -u admin -p 123456 -r all  -s " ACS3" -f c:\csvs   -a appl  -c https
csvsync -i 10.96.34.3 -u admin -p 123456 -d  -s " ACS3" -f c:\csvs  

 
     

csvsync command line options

Options Description Notes
-i <ipaddr of acs> Ip address of ACS Server to download from Mandatory parameter
-u <acs admin username> Admin username on ACS Server Mandatory parameter.

 

ACS admin user must have sufficient privileges to access the "Reports & Activity" pages (see ACS GUI Administration Control")

-p <acs admin password> Admin password on ACS Server Mandatory parameter
-d Download ACS Support "package.cab" ACS Versions supported:
Appliance - all versions
Software - v4.1(4) or later
-r <report type> One of:

all
admin_audit
failed_auth
radius_acct
voip_acct
tacacs_acct
tacacs_admin
dbsync
dbreplicate
backup_restore
srv_monitor
user_change_pass
passed_auths
appl_admin_audit

default is all. Can use multiple -r clauses per cmdline

All csv's
Administration Audit
Failed Attempts
RADIUS Accounting
VoIP Accounting
TACACS+ Accounting
TACACS+ Administration
RDBMS Synchronization
Database Replication
Backup and Restore
CSMonLog
User Password Changes
Passed Authentications
Appliance Administration (appliance only)

-e <report type> One of:

all
admin_audit
failed_auth
radius_acct
voip_acct
tacacs_acct
tacacs_admin
dbsync
dbreplicate
backup_restore
srv_monitor
user_change_pass
passed_auths
appl_admin_audit

Exclude or more reports - inverse of "-r"

All csv's
Administration Audit
Failed Attempts
RADIUS Accounting
VoIP Accounting
TACACS+ Accounting
TACACS+ Administration
RDBMS Synchronization
Database Replication
Backup and Restore
CSMonLog
User Password Changes
Passed Authentications
Appliance Administration (appliance only)

-s <suffix> Suffix appended to download files Needed when downloading from multiple ACS servers - ie use the ACS server name as the suffix 
-f <folder> Local folder where files are placed default is current folder. Paths with spaces should be quoted, eg "c:\My Documents\files"
-a <acs type> either sw or appl default is sw. Only needed if using -r all
-c <connection type> either http or https default is http
-t <tries> Attempts per log type in case of dropped connection default is 3. 1 attempt & 2 re-tries. Useful on slow or unreliable links.

 

Whats New?

ACS 5 Support

aaa-reports! enterprise v1.2

csvsync v3.0

web reports v1.0

Free Trial

Download the fully functional 60 day trial

Download the aaa-reports! datasheet (PDF)

Download the Audit Reports white paper. Find out how aaa-reports! can help you with audit compliance (PDF)

Need a hand writing a purchase justification? Click here for our management overview of aaa-reports!

Tips 'n' Tricks

Check out our new tips blog.. 

Upgrades FAQ

Q&A for free upgrade eligibility

Technologies

TACACS+ Device Admin (TDA)

Sarbanes Oxley (SOX) Compliance

Network Admission Control (NAC)

 

 

         
Home | Contact
Cisco, Cisco Systems, the Cisco Systems logo, and the Cisco Arrow logo are registered trademarks or trademarks of Cisco Systems Inc and/or is its affiliates in the US and certain other countries. Other trademarks are the property of their respective owners.

Copyright 2006-2012 Extraxi Ltd.  All rights reserved