Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Logging Commands to Syslog

Hello,

We use RANCID to monitor changes to all our Cisco gear. Once an hour RANCID does a diff on the last running-config. If it detects a change, it notifies me of the changes on the router/switch. This works great, but it does not record WHO made the changes.

So I am looking for a way to log to syslog any commands issued by a particular user. This can be done correct?

Thanks,

Pedro

5 REPLIES
Cisco Employee

Re: Logging Commands to Syslog

You can use AAA accounting for it.

I hope it helps.

PK

New Member

Re: Logging Commands to Syslog

What I am not sure of is if you can do aaa acounting to syslog and if you can do it on a per user basis.

Cisco Employee

Re: Logging Commands to Syslog

I doubt you can do accounting to syslog (send commands).

PK

New Member

Re: Logging Commands to Syslog

If you are using IOS 12.4 or higher, you can use the following commands:

archive
log config
  hidekeys

It will send whatever changes and whoever changes the configs to syslog.

I myself prefer AAA accounting but the above method will work just as well.

New Member

Re: Logging Commands to Syslog

Thanks for answering my post!

IOS 12.4 or higher? Is that a typo? Isnt 12.2 the latest? I tried these commands on one of my switches and I still dont see anything in syslog.

868
Views
0
Helpful
5
Replies
CreatePlease login to create content