11-22-2008 02:58 AM - edited 03-06-2019 02:37 AM
Hi,
I have many Cisco Catalyst switches and I have managed to log when a user logs into the switches to our syslog server, however I now need to log any changes made on the configs, is this possble?
This is what I have added so far:
logging buffered 8192 notifications
login on-failure log
login on-success log
archive
log config
logging enable
logging size 200
notify syslog contenttype plaintext
hidekeys
logging trap notifications
logging source-interface Vlan1
logging 192.168.1.19
Am I missing something?
11-22-2008 04:09 AM
You would probably have to use AAA accounting and the use of a tacacs or radius server to accomplish this. Do a search on configuring AAA accounting.
11-24-2008 01:30 AM
Hi
Be carfull, my 3750/3560 rebooted every time i made a config change after I configured this option.
What Switch, What IOS?
You have seen this config?
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtconlog.html
11-24-2008 06:40 AM
Hello Andy,
I think you need to move to AAA for doing this
we use the following commands with ACS tacacs+
aaa new-model
aaa authentication login ACS group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa accounting update newinfo
aaa accounting exec ACS start-stop group tacacs+
aaa accounting commands 1 ACS start-stop group tacacs+
aaa accounting commands 15 ACS start-stop group tacacs+
!
aaa session-id common
the accounting commands are the ones that allow to record any command entered by every one.
In the log there is a line for each command with the timestamp, user, command, ip address of device
This is useful in understanding the reasons of crashes or some major faults.
Hope to help
Giuseppe
11-24-2008 08:11 AM
I agree with the others that AAA is the best solution, but you can do it locally (depending on your platform).
http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtconlog.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide