Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can you log successful telnet session to the router?

Hi There,

Is there a way to log successful logins/telnet to the router?

Say JoeBlow has access and telnets successfully to the router. I want to be able to do a "show log" on the router and see that JoeBlow logged in at this time and date. Is there a way to do this??? I also want to log when someone changes to enable mode.

I'm using IOS 12.3(22) on a Cisco 7206VXR.

Thanks in advance.

Andy

4 REPLIES
Cisco Employee

Re: Can you log successful telnet session to the router?

This is not doable without an external authentication server unless you are running 12.3(4)T or higher or 12.2(25)S or higher. On those versions of IOS, you can use the "login on-success" command to configure logging of successful login attempts to the device.

New Member

Re: Can you log successful telnet session to the router?

Thanks heaps.

We won't be upgrading IOS soon but it's nice to know.

New Member

Re: Can you log successful telnet session to the router?

Is there a way to have multiple routers log to one syslog server and have the log files separated so that messages sents from router1 gets logged to router1.log, router2 gets logged to router2.log, etc ???

Thanks.

New Member

Re: Can you log successful telnet session to the router?

You can have each router send logs with its own unique facility "logging facility local0" etc. Then at the traditional unix syslog server you can modify the syslog conf file to store messages from different facilities into different files.

However this solution is not scalable as you only have local0-local7 facilities available.

A much better and scalable solution is to use a different syslog server, which can look inside the message (beyond the facility level) and then place them into appropriate files.

syslog-ng (http://www.balabit.com/network-security/syslog-ng/) is excellent and free. Its also included with most linux distros.

You can use it to filter on almost any thing in the message (You can filter it based on the sending device) and then store messages into their specific files. The messages can even be stored directly into a mySQL database.

\\ Naman

569
Views
10
Helpful
4
Replies
CreatePlease login to create content