02-27-2009 01:27 AM - edited 03-15-2019 04:30 PM
Hi,
I get this message often in my syslog:
IPTel On Fri Feb 27 09:38:31 CET 2009 on node ditelcm1, the following SyslogSeverityMatchFound events generated: SeverityMatch - Alert sshd(pam_unix)[17605]: check pass; user unknown
What does it mean exactly?
Thanks,
Kurt
03-05-2009 06:39 AM
This error generally means that somebody on the network is trying to access your CCM via SSH and it is failing. This could also be indicative of one of the administrators trying the wrong password a couple of times and eventually were logged in.
02-22-2016 01:56 AM
02-22-2016 02:29 AM
You will need to pull Audit logs from RTMT in order to find out the details. Refer to below links for more details:
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/service/7_1_2/admin/Serviceability/saaulog.html
https://supportforums.cisco.com/discussion/10853871/how-see-access-log-call-manager-7-administration
Please note the above logs will only show you the detailed information if set to debug. In case, if they are not as of now then probably you might not be able to see the required information
Regards
Deepak
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide