Hi,
in order to perform acceptance tests following the installation of a Cisco 4980 router cluster, I need to verify that any system security events are logged and I can diplay them on the CLI output (for example with the #show logging command).
By system security events logs, I mean for example bad authentification on the switch, creation/deletion/modification of a user accoount, telnet connexion attempt while this protocol is not allowed, etc...
With the #show logging command, I have security events related to access-list, or configuration changes (even if these ones are not really verbose on waht have been changed), but no "system" security events.
Here is my logging initial logging configuration on these routers:
logging rate-limit 1 except errors
logging console critical
logging monitor critical
But I also tried like this:
logging rate-limit 1 except errors
logging console informational
logging monitor critical
logging history informational
logging facility auth
But exactly the same result...
Is this feature exist or not ?
If yes, how to configure it ?
Thanks.
Julien