Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5075
Views
0
Helpful
6
Replies

Access log for routers and switches

ssweehin
Level 1
Level 1

‎11-26-2008 01:31 AM - edited ‎03-06-2019 02:40 AM

May I know is there any ways to review the logon activities to cisco switches and routers? Is there any access logs we can get it from routers and switches?

Labels:
0 Helpful
6 Replies 6

glen.grant
VIP Alumni
VIP Alumni

‎11-26-2008 05:07 AM

If logging is turned on then just do a "show logg" and it will show you the logs for the switch or router. If a catos box do a "show logg buffer 1000" and that will show you the log.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to glen.grant

‎11-27-2008 01:58 PM

Swee

The response from Glen is good information about viewing the log. But that does not necessarily help solve your requirement since normally the logs do not contain information about login activity. However Cisco has introduced an enhancement in recent versions of IOS which do help with this. It is now possible to generate entries in syslog when someone successfully logs in to the router (and also possible to log failed attempts if you want to). This link explains the new command:

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_k1.html#wp1031689

HTH

Rick

HTH

Rick
0 Helpful

ssweehin
Level 1
Level 1
In response to Richard Burts

‎11-28-2008 04:39 AM

I have enable to login log. By using the command below:

#login on-success log

#login on-failure log

May I know what is the command to view the log inside?

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎11-28-2008 04:31 AM

Rick has addressed the question of someone logging on to the device, but I recall its also possible to log all activity while logged on. Doing this, I recall, uses AAA.

Much simpler, if you don't need line-by-line auditing activity, is usage of some management station that tracks config changes, and can present a before and after image (e.g. Cisco's NCM).

I also have a hazy recollection that some of the later IOSs might have a config archival feature that can be activated on the device, i.e. it saves so many generations of config files.

0 Helpful

cisco24x7
Level 6
Level 6
In response to johnlloyd_13

‎11-28-2008 08:14 AM

The best way to do this is with AAA accounting

bar none.

If you do not have the budget to purchase

Cisco ACS, you can use Freeware TACACS+ and it

can do the job for you just fine. Freeware

TACACS+ is very easy to setup and configure.

I actually wrote the install script to do this

on Linux platform. Just untar the file and

hit ./install and you're all set.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card