Logging configure terminal

Unanswered Question
Jun 14th, 2007

Hello, for a project I need to log to syslog when a user logging in through TACACS enters Configuration Terminal mode, thanks

running cisco 2800 series router

with IOS 12.4(13r)T

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
anandramapathy Thu, 06/14/2007 - 23:25

The command

aaa accounting exec default start-stop group tacacs+

will log all conf t requests directly to the Tacacs server

Try the following commands -

logging host ( sys log Ip )

logging trap informational

else try this command also

logging facility user

Richard Burts Fri, 06/15/2007 - 06:29

Actually the command aaa accounting exec default start-stop group tacacs+ will send accounting records for creation of exec process (when users log on) but will not send accounting records for config t. If you want to create accounting records for config t, you will need this command aaa accounting commands 15 default start-stop group tacacs+.

Jeff

Note that these send accounting records to a TACACS server not to syslog. Your original post indicated that you need to send them to syslog. I am not aware of any way to log to syslog when someone enters the config t command. Would reports from the TACACS server be an acceptable substitute?

HTH

Rick

Actions

This Discussion