Logging Commands to Syslog

Unanswered Question
Feb 24th, 2010
User Badges:

Hello,


We use RANCID to monitor changes to all our Cisco gear. Once an hour RANCID does a diff on the last running-config. If it detects a change, it notifies me of the changes on the router/switch. This works great, but it does not record WHO made the changes.


So I am looking for a way to log to syslog any commands issued by a particular user. This can be done correct?


Thanks,


Pedro

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
pener1963 Wed, 02/24/2010 - 11:00
User Badges:

What I am not sure of is if you can do aaa acounting to syslog and if you can do it on a per user basis.

Panos Kampanakis Wed, 02/24/2010 - 11:15
User Badges:
  • Cisco Employee,

I doubt you can do accounting to syslog (send commands).


PK

cciesec2011 Thu, 02/25/2010 - 15:41
User Badges:

If you are using IOS 12.4 or higher, you can use the following commands:


archive
log config
  hidekeys


It will send whatever changes and whoever changes the configs to syslog.


I myself prefer AAA accounting but the above method will work just as well.

pener1963 Mon, 03/01/2010 - 06:18
User Badges:

Thanks for answering my post!


IOS 12.4 or higher? Is that a typo? Isnt 12.2 the latest? I tried these commands on one of my switches and I still dont see anything in syslog.

Actions

This Discussion