Logging all IOS commands to AAA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2002 08:43 AM - edited 02-21-2020 10:04 AM
Hi everyone,
Is it possible to log every command issued on routers/switches to an AAA server such as CiscoSecure ACS?
If yes, how?
Cheers,
Attila
- Labels:
-
Other NAC
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2002 12:41 PM
Sure, just use the "tacacs administration" command along with the apporpriate accounting commands.
-Jeff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-28-2002 01:00 PM
There is an excellent example of using IOS command authorization and accounting with CiscoSecure ACS for Unix here:
http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/secsols/aaasols/c262c4.htm#xtocid6
and
http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/secsols/aaasols/c262c5.htm#86578
Note this is command accounting for privilege level 15 commands. If you want to account for others, just specify the privilege level.
Hope this helps....
