topic IDSM - Login and Command History in Network Security

IDSM - Login and Command History

cisco_lite — Sun, 10 Mar 2019 11:38:57 GMT

Hi,

How can the login and command history/log along with timestamp be configured on IDSM modules.

Regards.

Re: IDSM - Login and Command History

rhermes — Tue, 02 Jun 2009 19:33:59 GMT

I'm sorry to tell you it can't be configured because that feature doesn;t exist. There is an event generated when a user logs in that can be seen in the event database, aong with a boatload of other system events (show events past 23:59), but no command history logs.

For a security device, it has very little security in and of itself. No AAA, multiple logins on the same username permitted, no forced password change (unless you count the default password).

Re: IDSM - Login and Command History

Farrukh Haroon — Wed, 03 Jun 2009 05:46:43 GMT

The modules don't support AAA, therefore they cannot do any 'accounting'. Syslogs are not supported either.

You might be able to get this information from the UNIX backend (regarding who is logging in, and not the commands). But this would not be reocmmended, and perhaps not supported by TAC.

Regards

Farrukh