Access log for routers and switches

ssweehin
Level 1

May I know if there are any ways to review the logon activities on Cisco switches and routers? Are there any access logs we can get from routers and switches?

6 Replies

glen.grant
VIP Alumni

If logging is turned on, then just do a "show logg" and it will show you the logs for the switch or router. If it is a CatOS box, do a "show logg buffer 1000" and that will show you the log.

Swee

The response from Glen is good information about viewing the log. But that does not necessarily help solve your requirement, since normally the logs do not contain information about login activity. However, Cisco has introduced an enhancement in recent versions of IOS which does help with this. It is now possible to generate entries in syslog when someone successfully logs in to the router (and also possible to log failed attempts if you want to). This link explains the new command:

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_k1.html#wp1031689

HTH

Rick

I have enabled the login log by using the commands below:

#login on-success log

#login on-failure log

May I know what is the command to view the log inside?
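
Added example, not part of the original thread: once `login on-success log` and `login on-failure log` are enabled, the events land in the logging buffer and can be filtered on the device with `show logging | include SEC_LOGIN`. The Python below parses such lines and counts failed logins per source address. It assumes the usual `%SEC_LOGIN-5-LOGIN_SUCCESS` / `%SEC_LOGIN-4-LOGIN_FAILED` message layout; the log lines, user names and addresses are constructed, and the function names are illustrative.

```python
import re
from collections import Counter

# Constructed sample of "show logging" output (documentation address ranges).
SAMPLE_LOG = """\
*Mar  1 00:05:11.123: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 192.0.2.10] [localport: 22] [Reason: Login Authentication Failed] at 00:05:11 UTC Mon Mar 1 1993
*Mar  1 00:05:15.456: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 192.0.2.10] [localport: 22] [Reason: Login Authentication Failed] at 00:05:15 UTC Mon Mar 1 1993
*Mar  1 00:05:19.789: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: cisco] [Source: 192.0.2.10] [localport: 22] [Reason: Login Authentication Failed] at 00:05:19 UTC Mon Mar 1 1993
*Mar  1 00:06:40.000: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: netops] [Source: 198.51.100.7] [localport: 22] at 00:06:40 UTC Mon Mar 1 1993
*Mar  1 00:07:02.001: %SYS-5-CONFIG_I: Configured from console by netops on vty0 (198.51.100.7)
"""

# Assumed message layout: facility/mnemonic, then bracketed "key: value" fields.
EVENT_RE = re.compile(r"%SEC_LOGIN-\d-(LOGIN_SUCCESS|LOGIN_FAILED):(.*)")
FIELD_RE = re.compile(r"\[(\w+): ([^\]]*)\]")


def parse_login_events(text):
    """Return one dict per login event; unrelated syslog lines are skipped."""
    events = []
    for line in text.splitlines():
        match = EVENT_RE.search(line)
        if not match:
            continue
        fields = {k.lower(): v for k, v in FIELD_RE.findall(match.group(2))}
        events.append({
            "result": "success" if match.group(1) == "LOGIN_SUCCESS" else "failed",
            "user": fields.get("user", ""),
            "source": fields.get("source", ""),
            "port": fields.get("localport", ""),
            "reason": fields.get("reason", ""),  # only present on failures
        })
    return events


def noisy_sources(events, threshold=3):
    """Sources with at least `threshold` failed logins (possible guessing)."""
    fails = Counter(e["source"] for e in events if e["result"] == "failed")
    return {src: n for src, n in fails.items() if n >= threshold}


if __name__ == "__main__":
    parsed = parse_login_events(SAMPLE_LOG)
    for event in parsed:
        print(event)
    print("sources over threshold:", noisy_sources(parsed))
```

The logging buffer is finite and cleared on reload, so for review over time the same messages are better collected on a syslog server and parsed there.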

Joseph W. Doherty
Hall of Fame

Rick has addressed the question of someone logging on to the device, but I recall it's also possible to log all activity while logged on. Doing this, I recall, uses AAA.

Much simpler, if you don't need line-by-line auditing activity, is usage of some management station that tracks config changes, and can present a before and after image (e.g. Cisco's NCM).

I also have a hazy recollection that some of the later IOSs might have a config archival feature that can be activated on the device, i.e. it saves so many generations of config files.

The best way to do this is with AAA accounting, bar none. If you do not have the budget to purchase Cisco ACS, you can use Freeware TACACS+ and it can do the job for you just fine. Freeware TACACS+ is very easy to set up and configure. I actually wrote the install script to do this on the Linux platform. Just untar the file and hit ./install and you're all set.