Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1032
Views
0
Helpful
7
Replies

How to restrict normal users from viewing logging buffer

dhanushkas
Level 1
Level 1

‎05-05-2022 10:48 PM

Hi All,

 

I would like to give normal user with all the configuring and show commands except running show logging command. i.e I want to restrict normal users by viewing syslog buffer in the switch.

 

I would appreciate if anyone can help me on this.

 

Thank you and Regards,

Gayan Samarakoon. 

 

 

0 Helpful
7 Replies 7

dhanushkas
Level 1
Level 1

‎05-05-2022 11:08 PM

Hi All,

 

I would like to give normal users all the configurations and show command privileges except show logging command. i.e. I want to restrict normal users from viewing logging buffer.

 

It would be really greatfull if some one can help me on this.

 

Thank you and Regards,

Dhanushka

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to dhanushkas

‎05-05-2022 11:36 PM

how is your user AAA configured , Local or any ACS/ ISE/ or Radius ?

 

you need to restrict the user to only with permit commands, so rest will be not authorized: its easy (if you use any identity-based system, if this is local you need to enter manually for that user - manual task)

 

example :

 

For user 

 

permit running-config

permit cdp neigh

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

dhanushkas
Level 1
Level 1
In response to balaji.bandi

‎05-05-2022 11:40 PM

Hi Balaji,

 

Thank you for your prompt reply.

 

These users are created locally, I only want to restrict "show logging" command, all other commands should be permitted. Can this be done.

 

Thank you,

Dhanushka.

0 Helpful

Kasun Bandara
VIP
VIP

‎05-06-2022 12:01 AM - edited ‎05-06-2022 12:19 AM

you can assign commands for privilege levels and assign relevant level to user.

https://study-ccna.com/cisco-privilege-levels/

 

Also you can use parser views to configure views and let relevant user to load permitted view at enable.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

dhanushkas
Level 1
Level 1
In response to Kasun Bandara

‎05-06-2022 12:18 AM

Hi Kasun,

 

Thank you for your reply.

 

I only want to restrict "show logging" command only. All Other commands should be allowed. Can this be achieved without permitting all the commands explicitly which is bit cumbersome.

 

Thank you,

Dhanushka.

0 Helpful

dhanushkas
Level 1
Level 1

‎05-07-2022 10:29 AM

Hi MHM,

 

Thanks a lot for your reply.

I will run this configuration in testing environment  and get back to you if there is anything to be done.

 

Thank you again.

Gayan Samarakoon.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card