Explore Cisco
How to Buy

Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

What is the "delete 20000 sessions" alarm I see on my ACS 5.x dashboard?

Available Languages

Download Options

  • PDF     (74.2 KB)
    View with Adobe Reader on a variety of devices
Updated:January 31, 2013
Document ID:115942

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Introduction

This document describes the "delete 20000 sessions alarm that might appear on the Cisco Secure Access Control System (ACS) 5.x dashboard.

Note: This content was created by Dragana Radmilo, Cisco TAC Engineer.

Q. What is the "delete 20000 sessions" alarm I see on my ACS 5.x dashboard?

A. This alert is informational and is generated because the ACS View keeps track of authentication sessions.

The ACS View maintains all the sessions (RADIUS/TACACS Authentication/Authorization/Accounting). It can keep only 250,000 sessions at a time. Whenever it crosses 250k, it will try to delete 20k sessions, and will send an alarm (the one that you see on the ACS Dashboard).

delete-20000-sessions-01.gif

The ACS normally keeps track of the session authentications by following accounting records ACCOUNT_START and ACCOUNT_STOP. However, if ACS View does not get ACCOUNT_STOP records, the number of sessions will not be decreased. As a result, any active sessions for which the ACS View does not receive an ACCOUNT_STOP will remain and then expire after two days.

This is covered in Cisco bug ID CSCtj69797 ( registered customers only) .

Note: These messages are purely informational and do not impact authentication.

Related Information

Revision History

Revision Publish Date Comments
1.0
31-Jan-2013
Initial Release
TAC Authored

Contributed by Cisco Engineers

  • This content was created by Dragana Radmilo
    Cisco TAC Engineer.

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products