Logging Commands to Syslog

Unanswered Question
Feb 24th, 2010
User Badges:


We use RANCID to monitor changes to all our Cisco gear. Once an hour RANCID does a diff on the last running-config. If it detects a change, it notifies me of the changes on the router/switch. This works great, but it does not record WHO made the changes.

So I am looking for a way to log to syslog any commands issued by a particular user. This can be done correct?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
pener1963 Wed, 02/24/2010 - 11:00
User Badges:

What I am not sure of is if you can do aaa acounting to syslog and if you can do it on a per user basis.

Panos Kampanakis Wed, 02/24/2010 - 11:15
User Badges:
  • Cisco Employee,

I doubt you can do accounting to syslog (send commands).


cciesec2011 Thu, 02/25/2010 - 15:41
User Badges:

If you are using IOS 12.4 or higher, you can use the following commands:

log config

It will send whatever changes and whoever changes the configs to syslog.

I myself prefer AAA accounting but the above method will work just as well.

pener1963 Mon, 03/01/2010 - 06:18
User Badges:

Thanks for answering my post!

IOS 12.4 or higher? Is that a typo? Isnt 12.2 the latest? I tried these commands on one of my switches and I still dont see anything in syslog.


This Discussion