The authentication debug option can be used to monitor both successful and failed login attempts.

The AAA/AUTH entry shows where a request has passed, has had an error, or has had a failed login attempt. The example here shows a pass.

The TACACS+ debug option (TAC+ prompt) displays information from the TACACS+ protocol.

The debug TACACS+ event options monitor connections between the NAS and remote hosts, and show interface status.