IDSM - Login and Command History

Unanswered Question
Jun 2nd, 2009


How can the login and command history/log along with timestamp be configured on IDSM modules.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rhermes Tue, 06/02/2009 - 12:33

I'm sorry to tell you it can't be configured because that feature doesn;t exist. There is an event generated when a user logs in that can be seen in the event database, aong with a boatload of other system events (show events past 23:59), but no command history logs.

For a security device, it has very little security in and of itself. No AAA, multiple logins on the same username permitted, no forced password change (unless you count the default password).

Farrukh Haroon Tue, 06/02/2009 - 22:46

The modules don't support AAA, therefore they cannot do any 'accounting'. Syslogs are not supported either.

You might be able to get this information from the UNIX backend (regarding who is logging in, and not the commands). But this would not be reocmmended, and perhaps not supported by TAC.




This Discussion