Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

How to log Success and Failed Login Attempt Details to Router into Syslog?

All,

How can I configure my Cisco 837 router to log to syslog all successful and failed login attempts to the router via any interface?  I'd like to get as much verbose information about the login attempts (success and failed) as possible including source ip address, userid attempted, etc.

Any comments and suggestions would be greatly appreciated!

James

1 ACCEPTED SOLUTION

Accepted Solutions
Community Member

Re: How to log Success and Failed Login Attempt Details to Route

archive
log config
  logging enable
  notify syslog contenttype plaintext
  hidekeys
logging on
logging 192.168.1.1
login block-for 60 attempts 3 within 60
login on-failure log every 1
login on-success log every 1

8 REPLIES

Re: How to log Success and Failed Login Attempt Details to Route

You will need to send logging to a syslog server with a level of informational.

Here's a link on configuring message logging. It's for a switch, but it should be the same for routers.

http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst3750/software/release/12.2_50_se/configuration/guide/swlog.html

Hope it helps.

Community Member

Re: How to log Success and Failed Login Attempt Details to Route

I'm receiving an error when trying to visit that link.  Can you copy/paste the instructions into your response?  Thanks!

James E

Re: How to log Success and Failed Login Attempt Details to Route

Sorry about that James, I didn't realize I was logged into CCO. Please try this link-

http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_50_se/configuration/guide/swlog.html

Community Member

Re: How to log Success and Failed Login Attempt Details to Route

Any other specific links to routers?  I'd like little to squeeze as much information out of syslog as possible for successful and failed login attempts.

Thanks!

James

Community Member

Re: How to log Success and Failed Login Attempt Details to Route

archive
log config
  logging enable
  notify syslog contenttype plaintext
  hidekeys
logging on
logging 192.168.1.1
login block-for 60 attempts 3 within 60
login on-failure log every 1
login on-success log every 1

Re: How to log Success and Failed Login Attempt Details to Route

Also take a look at SNMP Authentication traps.

RTR(config)#snmp-server trap authentication ...

Community Member

Is it possible to filter only

Is it possible to filter only syslog information relative to the list of this events:

User Authentication
IKE and IPSec
VPN Client
VPN Failover

If yes what will be the best process

Community Member

How to log Success and Failed Login Attempt Details to Router in

Are there any similar commands on Nexus? i want to log all attempts to establish a management connection for administrative access to nexus.Thanks

60636
Views
5
Helpful
8
Replies
CreatePlease to create content