02-09-2017 02:30 AM - edited 03-10-2019 01:11 PM
According to Cisco documentation:
- privilege level 1 = non-privileged (prompt is router>), the default level for logging in
- privilege level 15 = privileged (prompt is router#), the level after going into enable mode
- privilege level 0 = seldom used, but includes 5 commands: disable, enable, exit, help, and logout
My question is:
Why is it that the Configure Terminal mode isn't assigned a 'Priviledged Level'?
The reason I ask is because when it comes to TACACS configuration, we have the option to add command accounting, but the common configuration is for privilege levels 0, 1 and 15.
What about for commands run in Configure Terminal mode?
Are they not logged at all? Surely they are the most important to be logged?
Solved! Go to Solution.
02-09-2017 03:44 AM
By default configure terminal is a privilege level 15 command. If you enable accounting for level 15 commands it should include the configuration commands.
HTH
Rick
02-09-2017 03:44 AM
By default configure terminal is a privilege level 15 command. If you enable accounting for level 15 commands it should include the configuration commands.
HTH
Rick
02-09-2017 03:49 AM
Hi Richard,
Thanks for the concise answer. I did some testing with a Switch and ISE just before you replied and confirmed that this is indeed the case.
Much appreciated.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide