×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

TACACS audit

Unanswered Question
Nov 30th, 2006
User Badges:

I'm using TACACS and ssh to access my rotuer and switches. What I need to do to enable audit? I want to get a report where I can see who logged in and what changes they made.

Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Richard Burts Thu, 11/30/2006 - 08:28
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Nawaz


If you want reports of who logged in and of what changes were made then I suggest that the best way to do this is with aaa accounting. aaa accounting exec should produce an accounting record every time anyone logs in and starts an exec session. aaa accounting commands 15 will produce accounting records for every privilege level command that is entered which will allow you to see all changes that were made.


The accounting records are sent to the TACACS/ACS server which can produce reports of who logged in and what changes were made.


HTH


Rick

Actions

This Discussion