 |
|
About us... |
|
extraxi offers world class
products & consultancy in the field of
enterprise AAA and data migration with a number of ex-cisco
personnel who have helped secure some of the worlds largest
fixed and wireless deployments |
|
 |
|
|
csvsync for Cisco
Secure ACS v3.x/4.x
NEW! csvsync now supports downloading
the ACS "package.cab" |
 |
 |
automated csv
log capture from multiple ACS Servers |
 |
|
|
csvsync allows you to download CSV reports files from any number
of ACS 3.x/4.x servers (windows & appliance vesions) via the http(s)
automation interface. It connects to the ACS web admin service (CSAdmin)
via http(s) messages in much the same way as your web browser.
This makes it very simple to use... no agent software to install
on the ACS server - all you need do is create an ACS admin user
account for csvsync. If your web browser can connect to the ACS
Admin page - then so can csvsync.
For customers with the ACS solution engine (appliance version)
this is particularly valuable because the Cisco remote logging
agent does not support ALL of the available csv types (eg admin
audit, appliance admin, user password changes etc). As the
appliance has only limited hard disk space important information
could be lost as log files rollover and are deleted. Further
still it allows for "bulk" collection of log data at pre-defined
times and therefore makes more efficient use of valuable WAN
bandwidth. Cisco's remote logging is also an expensive solution
for large ACS deployments - requiring a dedicated primary/backup
Windows Server pair for every 5 ACS servers!
csvsync is a simple to use windows command-line executable that
will pull down the csv files for one or more ACS report types (eg
failed attempts, RADIUS accounting etc) into the desired
location onto the user's computer. csvsync only pulls down csv
files that are new - this prevents it from downloading the same
files multiple times and keeps the execution time to a minimum.
When downloading from multiple ACS servers, csvsync can
optionally add the server name or other reference as a suffix to
the filename. This avoids issues with clashing filenames and
aids in general file management.csvsync v3.0.1 now offers
support for downloading the ACS support "package.cab" file. This
is great if you intend on regularly importing the ACS database
into aaa-reports! for configuration document and audit
compliance reporting!
csvsync is the perfect companion for aaa-reports! allowing for
fast, secure and automated download of your ACS log data.
However, csvsync can still be used stand-alone for the purposes
of automated log retrieval and archiving.
| |
|
|
| |
csvsync
is substantially cheaper to deploy than Cisco's Remote
Agent Logging solution and has none of the limitations - particularly
if you have multiple ACS servers. It can collect ALL the csv logs from
ANY number of ACS servers (no upper
limit), of ANY ACS 3.x/4.x version (including mixed versions),
of BOTH software and appliance. You dont need to worry
about agent software, dedicated logging servers (and
failovers!) AND your ACS servers will perform better
because remote logging is very costly both in CPU
loading and round trip time.
In short no other
solution comes close to csvsync. |
|
| |
|
|
csvsync usage
csvsync
is ideal for use in
conjunction with the Windows Scheduler service to provide regular
automated downloads. As the name suggests, csvsync knows about the
files already downloaded and only pulls down new files each time
it runs. We recommend you write a .bat or .cmd file, for example:
| |
|
|
| |
MyCsvSync.bat:
csvsync -i
10.96.34.1 -u admin -p 123456 -r all -s "
ACS1" -f c:\csvs
csvsync -i
10.96.34.2 -u admin -p 123456 -r all -s "
ACS2" -f c:\csvs
csvsync -i
10.96.34.3 -u admin -p 123456 -r all -s "
ACS3" -f c:\csvs -a appl -c https
csvsync -i
10.96.34.3 -u admin -p 123456 -d -s "
ACS3" -f c:\csvs |
|
| |
|
|
csvsync command line
options
| Options |
Description |
Notes |
| -i
<ipaddr of acs> |
Ip
address of ACS Server to download from |
Mandatory
parameter |
| -u
<acs admin username> |
Admin
username on ACS Server |
Mandatory
parameter.
ACS
admin user must have sufficient privileges to access the
"Reports & Activity" pages (see ACS GUI
Administration Control")
|
| -p
<acs admin password> |
Admin
password on ACS Server |
Mandatory
parameter |
| -d |
Download ACS
Support "package.cab" |
ACS Versions
supported:
Appliance - all versions
Software - v4.1(4) or later |
| -r
<report type> |
One
of:
all
admin_audit
failed_auth
radius_acct
voip_acct
tacacs_acct
tacacs_admin
dbsync
dbreplicate
backup_restore
srv_monitor
user_change_pass
passed_auths
appl_admin_audit |
default
is all. Can use multiple -r
clauses per cmdline All csv's
Administration Audit
Failed Attempts
RADIUS Accounting
VoIP Accounting
TACACS+ Accounting
TACACS+ Administration
RDBMS Synchronization
Database Replication
Backup and Restore
CSMonLog
User Password Changes
Passed Authentications
Appliance Administration (appliance only) |
| -e
<report type> |
One
of:
all
admin_audit
failed_auth
radius_acct
voip_acct
tacacs_acct
tacacs_admin
dbsync
dbreplicate
backup_restore
srv_monitor
user_change_pass
passed_auths
appl_admin_audit |
Exclude or more reports - inverse of "-r" All csv's
Administration Audit
Failed Attempts
RADIUS Accounting
VoIP Accounting
TACACS+ Accounting
TACACS+ Administration
RDBMS Synchronization
Database Replication
Backup and Restore
CSMonLog
User Password Changes
Passed Authentications
Appliance Administration (appliance only) |
| -s
<suffix> |
Suffix
appended to download files |
Needed
when downloading from multiple ACS servers - ie use the ACS
server name as the suffix |
| -f
<folder> |
Local
folder where files are placed |
default
is current folder. Paths
with spaces should be quoted, eg "c:\My
Documents\files" |
| -a
<acs type> |
either
sw or appl |
default
is sw. Only needed if using -r all |
| -c
<connection type> |
either
http or https |
default
is http |
|
-t <tries> |
Attempts per log type in case
of dropped connection |
default is 3. 1 attempt & 2
re-tries. Useful on slow or unreliable links. |
|
|
|
Whats New?
ACS 5 Support
aaa-reports! enterprise v1.2
csvsync v3.0
web reports v1.0
Free Trial
Download the fully functional 60 day trial
Download the aaa-reports! datasheet (PDF)
Download the Audit Reports white paper. Find out how aaa-reports!
can help you with audit compliance (PDF)
Need a hand writing a purchase justification? Click here for our
management overview of aaa-reports!
Tips 'n' Tricks
Check out our new tips blog..
Upgrades FAQ
Q&A for free upgrade eligibility
Technologies
TACACS+ Device Admin (TDA)
Sarbanes Oxley (SOX) Compliance
Network Admission Control (NAC)
|
|
