cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
8603
Views
3
Helpful
11
Replies

NXOS 'archive log config' equivalent?

firemtngems
Beginner
Beginner

Hi,

I'm running NXOS 5.1.1 on a N7010.  This is a new switch and I am looking for a feature to log config directives (like in the IOS via 'archive log config' command).  Is there such a thing?  If so, how?

Thanks,

Mike

11 Replies 11

phiharri
Beginner
Beginner

Hi Mike,

'show accounting log' displays the local accounting log which contains a quite substantial history of commands entered in both exec and config mode. You could use 'show accounting log | i 'configure terminal'' to display only config changes.

Hope this helps,

/Phil

Thanks Phil, that is helpful.  I also need to get it off to a syslog server.  Can that be done?

Mike

Hi Mike,

For logging config changes other than on the switch itself your best bet would be setting up proper AAA accounting to a TACACS+ or RADIUS server, I can't think of any way you'd get this off via syslog.

Cheers,

/Phil

mgaven
Beginner
Beginner

Hello Mike, are you solved that issue?

In what way?

Thanks.-

You need to setup AAA accounting to capture this.  That means TACACS or RADIUS.

Cheers,

Mike

Can´t I do this sending a log to my syslog server?

I centralize all the logs on a Prime LMS server and wish keep that.

Thanks

No but, LMS along with DFM, HUM and all that will work.

This link describes AAA accounting, if you really want to persue it.  I'm not a TACACS user but there that approach too.

http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/sec_cfg_accountg.html

For me?  I am with you, I don't know why Cisco changed this in NXOS, it worked fine using syslog.

Good luck,

Mike

Thanks!

Have you found a way to send the config commands to a syslog server? I am having the same issue. Our strategy works fine for IOS but the aaa accounting on NXOS is not what we need.

Any hint would be helpful :-)

No way! The TACACS solution explained by Mike is a partial solution if you need that.

Good luck.

I'd recommend getting your TACACS or RADIUS server to send the messages to syslog, if you haven't already solved it in another way.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers