Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
379
Views
5
Helpful
4
Replies

Reporting All Config Changes in RME

jruhl
Level 1
Level 1

‎01-27-2004 11:56 AM - edited ‎03-02-2019 01:11 PM

Here is my situation; my manager is interested in tracking all changes made to equipment in our infrastructure. This way the changes can be mapped to a specific change control for this change. We are using AAA with local usernames and passwords on all Cisco IOS devices. All of these devices are logging back to the CiscoWorks server, but not every change is recorded. Most of the changes that do get recorded are a result of a periodic change. What I would like to do is have a report that will identify all changes when they occur by user name. Is this possible? If so how can I make this work?

Thanks for your help.

John

Labels:
0 Helpful
4 Replies 4

rmushtaq
Level 8
Level 8

‎01-27-2004 12:31 PM

You can look at Change Audit->All Changes in RME for this: http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/cw2000e/e_3_x/3_5/u_guide/ug_chng.htm

0 Helpful

jruhl
Level 1
Level 1
In response to rmushtaq

‎01-27-2004 01:09 PM

Thanks for your quick reply, however the problem seems to be that all of the changes that are made over the course of 24 hours are not recorded when they are made. We tested this by changing the configs on some routers and RME did not pick up all of the changes. The routers are logging back to the CiscoWorks Server and their SNMP setting seem to be the same. I guess I was looking for any tweaking info for either the CiscoWorks Server or some specific commands I need to add to my devices.

John

0 Helpful

kawng
Level 1
Level 1

‎01-27-2004 04:28 PM

John

Please make sure you have listen to syslogs configured:

RME->Administration->Configuration Management_>General Setup

Check the Change Probe SEtup to make sure the checkbox,

Listen to Syslog Mesages is selected.

Also, on the IOS devices make sure you have the

statement

logging trap informational configured, since for configuration changes, you need to track:

SYS-5-CONFIG-I syslogs

best test is to see if these syslogs make it to the CiscoWorks Server

type "config t" and then "end",

that will automatically generate the syslog and then check the syslog file:

WINDOWS - syslog.log

UNIX - syslog_info

to see if that message is present.

Hope that helps

jruhl
Level 1
Level 1
In response to kawng

‎01-28-2004 10:14 AM

That did it!!

Changed my logging trap statement to informational from warning and I can see the change I performed, by name, on the specific device.

Thanks this is my answer.

0 Helpful
Customers Also Viewed These Support Documents