Cisco Support Community
Community Member

Log changes made to config on switch?

Hi,

I have many Cisco Catalyst switches and I have managed to log when a user logs into the switches to our syslog server. However, I now need to log any changes made to the configs. Is this possible?

This is what I have added so far:

logging buffered 8192 notifications
login on-failure log
login on-success log
archive
 log config
  logging enable
  logging size 200
  notify syslog contenttype plaintext
  hidekeys
logging trap notifications
logging source-interface Vlan1
logging 192.168.1.19

Am I missing something?

4 REPLIES
Purple

Re: Log changes made to config on switch?

You would probably have to use AAA accounting and a TACACS or RADIUS server to accomplish this. Do a search on configuring AAA accounting.

Community Member

Re: Log changes made to config on switch?

Hi

Be careful, my 3750/3560 rebooted every time I made a config change after I configured this option.

What Switch, What IOS?

You have seen this config?

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtconlog.html

Hall of Fame Super Silver

Re: Log changes made to config on switch?

Hello Andy,

I think you need to move to AAA for doing this.

We use the following commands with ACS TACACS+:

aaa new-model
aaa authentication login ACS group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa accounting update newinfo
aaa accounting exec ACS start-stop group tacacs+
aaa accounting commands 1 ACS start-stop group tacacs+
aaa accounting commands 15 ACS start-stop group tacacs+
!
aaa session-id common

The accounting commands are the ones that allow recording of any command entered by everyone.

In the log there is a line for each command with the timestamp, user, command, and IP address of the device.

This is useful in understanding the reasons of crashes or some major faults.

Hope to help

Giuseppe

Re: Log changes made to config on switch?

I agree with the others that AAA is the best solution, but you can do it locally (depending on your platform).

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtconlog.html
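An added example, not part of the thread: with the local `archive` / `log config` / `notify syslog` setup from the question, each configuration command arrives at the syslog server as a `%PARSER-5-CFGLOG_LOGGEDCMD` message, and this script groups those commands per user and flags ones that would weaken the audit trail. The sample lines, user names and the watch list are constructed assumptions.

```python
import re
from collections import defaultdict

# Message emitted for each logged config command when "notify syslog" is set.
CFGLOG = re.compile(
    r"%PARSER-5-CFGLOG_LOGGEDCMD:\s*User:(?P<user>\S+)\s+logged command:(?P<cmd>.*)$"
)

# Assumed watch list: commands that would disable the logging set up in the thread.
WATCH = re.compile(r"^no\s+(logging|archive|aaa|login|notify)\b", re.I)

# Constructed sample of what the syslog server might receive.
SAMPLE = """\
Mar  3 10:01:12 192.168.1.2 101: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: andy] [Source: 192.168.1.50] [localport: 22]
Mar  3 10:01:20 192.168.1.2 102: %PARSER-5-CFGLOG_LOGGEDCMD: User:andy  logged command:!exec: enable
Mar  3 10:01:31 192.168.1.2 103: %PARSER-5-CFGLOG_LOGGEDCMD: User:andy  logged command:interface Vlan1
Mar  3 10:01:40 192.168.1.2 104: %PARSER-5-CFGLOG_LOGGEDCMD: User:andy  logged command:description uplink
Mar  3 10:02:02 192.168.1.2 105: %PARSER-5-CFGLOG_LOGGEDCMD: User:bob  logged command:no logging 192.168.1.19
Mar  3 10:02:09 192.168.1.2 106: %SYS-5-CONFIG_I: Configured from console by bob on vty1 (192.168.1.51)
""".splitlines()


def parse_line(line):
    """Return (user, command) for a config-log message, else None."""
    m = CFGLOG.search(line.rstrip())
    if not m:
        return None
    return m.group("user"), m.group("cmd").strip()


def summarize(lines):
    """Group config commands per user and collect watch-list hits."""
    changes = defaultdict(list)
    alerts = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # login messages, CONFIG_I, anything else
        user, cmd = parsed
        if cmd.startswith("!"):
            continue  # markers such as "!exec: enable" are not config changes
        changes[user].append(cmd)
        if WATCH.match(cmd):
            alerts.append((user, cmd))
    return dict(changes), alerts


if __name__ == "__main__":
    per_user, flagged = summarize(SAMPLE)
    for user, cmds in per_user.items():
        print(user, cmds)
    print("ALERTS:", flagged)
```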
