Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Access log for routers and switches

May I know is there any ways to review the logon activities to cisco switches and routers? Is there any access logs we can get it from routers and switches?

6 REPLIES
Purple

Re: Access log for routers and switches

If logging is turned on then just do a "show logg" and it will show you the logs for the switch or router. If a catos box do a "show logg buffer 1000" and that will show you the log.

Hall of Fame Super Silver

Re: Access log for routers and switches

Swee

The response from Glen is good information about viewing the log. But that does not necessarily help solve your requirement since normally the logs do not contain information about login activity. However Cisco has introduced an enhancement in recent versions of IOS which do help with this. It is now possible to generate entries in syslog when someone successfully logs in to the router (and also possible to log failed attempts if you want to). This link explains the new command:

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_k1.html#wp1031689

HTH

Rick

New Member

Re: Access log for routers and switches

I have enable to login log. By using the command below:

#login on-success log

#login on-failure log

May I know what is the command to view the log inside?

Super Bronze

Re: Access log for routers and switches

Rick has addressed the question of someone logging on to the device, but I recall its also possible to log all activity while logged on. Doing this, I recall, uses AAA.

Much simpler, if you don't need line-by-line auditing activity, is usage of some management station that tracks config changes, and can present a before and after image (e.g. Cisco's NCM).

I also have a hazy recollection that some of the later IOSs might have a config archival feature that can be activated on the device, i.e. it saves so many generations of config files.

Re: Access log for routers and switches

Silver

Re: Access log for routers and switches

The best way to do this is with AAA accounting

bar none.

If you do not have the budget to purchase

Cisco ACS, you can use Freeware TACACS+ and it

can do the job for you just fine. Freeware

TACACS+ is very easy to setup and configure.

I actually wrote the install script to do this

on Linux platform. Just untar the file and

hit ./install and you're all set.

138
Views
0
Helpful
6
Replies