
Catalyst 6513 and SNMP logging issue

agivens02
Level 1

I have a Catalyst 6513 that I would like to have snmp report failed login attempts to the logging buffer when the maximum limit is reached. I have enabled all traps and the log does not pick this up. I notice on my older 6500's with CAT OS this is sent to the logging buffer (on the switch side). Does anyone know if this is possible with IOS? My current code version is Version 12.2(18)SXF7.

Accepted Solutions

Alan

There is an enhancement in recent versions of IOS that does what you want about logging failed attempts to login. This link should give you information to get you started:

http://www.cisco.com/en/US/docs/ios/security/configuration/guide/sec_login_enhance.html#wp1048295

[note] this is done with syslog and not with snmp, and the catalyst switch is doing it with syslog also and not snmp.

HTH

Rick


4 Replies

satish_zanjurne
Level 4

Hi,

1. A system message is generated when a user is either locked by the system or unlocked by the system administrator. The following is an example of such a system message:

%AAA-5-USER_LOCKED: User user1 locked out on authentication failure.

2. If you have commands like

logging buffered 16384

logging trap notifications

logging on

it should log to the buffer, which you can see using the "show log" command.

3. To lock out the user after max. attempts, use the following commands.

username name [privilege level] password encryption-type password

aaa new-model

aaa local authentication attempts max-fail number-of-unsuccessful-attempts

aaa authentication login default method

4. For SNMP use the following commands

snmp-server community RO-community ro

snmp-server community RW-community rw

snmp trap enable

snmp-server host ip_address [traps | informs] [version {1 | 2c | 3}] community-string

HTH..rate if helpful..

Thank you Rick,

This is exactly what I was looking for. I just tested it and it worked exactly as I wanted. I greatly appreciate your help!

Alan

Alan

I am glad that my answer was able to point you in the right direction. Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that a response was able to resolve the question.

The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum.

HTH

Rick
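
Since the thread settles on syslog rather than SNMP for failed logins, here is a small check that could run over collected "show log" or syslog output. It is an added example, not posted by anyone in the thread: the sample lines are constructed, the %SEC_LOGIN-4-LOGIN_FAILED layout is an assumption about the login enhancements feature linked above, and the function name and threshold are hypothetical.

```python
import re
from collections import Counter

# Constructed sample of "show log" / syslog output (not from the thread).
# USER_LOCKED follows the message quoted earlier in the thread; the
# LOGIN_FAILED layout is an assumption about the login enhancements feature.
SAMPLE_LOG = """\
Mar  3 10:15:02: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 192.0.2.10] [localport: 23] [Reason: Login Authentication Failed] at 10:15:02 UTC Mon Mar 3 2008
Mar  3 10:15:09: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 192.0.2.10] [localport: 23] [Reason: Login Authentication Failed] at 10:15:09 UTC Mon Mar 3 2008
Mar  3 10:15:11: %SYS-5-CONFIG_I: Configured from console by console
Mar  3 10:15:17: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 192.0.2.10] [localport: 23] [Reason: Login Authentication Failed] at 10:15:17 UTC Mon Mar 3 2008
Mar  3 10:16:40: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: alan] [Source: 198.51.100.7] [localport: 23] [Reason: Login Authentication Failed] at 10:16:40 UTC Mon Mar 3 2008
Mar  3 10:17:01: %AAA-5-USER_LOCKED: User user1 locked out on authentication failure.
"""

FAILED = re.compile(
    r"%SEC_LOGIN-4-LOGIN_FAILED: Login failed "
    r"\[user: (?P<user>[^\]]*)\] \[Source: (?P<src>[^\]]+)\]")
LOCKED = re.compile(r"%AAA-5-USER_LOCKED: User (?P<user>\S+) locked out")


def summarize(log_text, threshold=3):
    """Count failed logins per source and collect locked-out users."""
    failures = Counter()
    users_tried = {}
    locked = []
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if m:
            failures[m["src"]] += 1
            users_tried.setdefault(m["src"], set()).add(m["user"])
            continue
        m = LOCKED.search(line)
        if m:
            locked.append(m["user"])
    # Sources at or above the threshold, with the usernames they tried.
    noisy = {src: sorted(users_tried[src])
             for src, count in failures.items() if count >= threshold}
    return {"failures": dict(failures), "noisy_sources": noisy,
            "locked_users": locked}


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```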
