Logging configure terminal

Unanswered Question
Jun 14th, 2007
User Badges:

Hello, for a project I need to log to syslog when a user logging in through TACACS enters Configuration Terminal mode, thanks


running cisco 2800 series router

with IOS 12.4(13r)T

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
anandramapathy Thu, 06/14/2007 - 23:25
User Badges:
  • Bronze, 100 points or more

The command

aaa accounting exec default start-stop group tacacs+


will log all conf t requests directly to the Tacacs server


Try the following commands -

logging host ( sys log Ip )

logging trap informational



else try this command also


logging facility user



Richard Burts Fri, 06/15/2007 - 06:29
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Actually the command aaa accounting exec default start-stop group tacacs+ will send accounting records for creation of exec process (when users log on) but will not send accounting records for config t. If you want to create accounting records for config t, you will need this command aaa accounting commands 15 default start-stop group tacacs+.


Jeff


Note that these send accounting records to a TACACS server not to syslog. Your original post indicated that you need to send them to syslog. I am not aware of any way to log to syslog when someone enters the config t command. Would reports from the TACACS server be an acceptable substitute?


HTH


Rick

Actions

This Discussion