Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Logging all IOS commands to AAA

Hi everyone,

Is it possible to log every command issued on routers/switches to an AAA server such as CiscoSecure ACS?

If yes, how?

Cheers,

Attila

2 REPLIES
New Member

Re: Logging all IOS commands to AAA

Sure, just use the "tacacs administration" command along with the apporpriate accounting commands.

-Jeff

New Member

Re: Logging all IOS commands to AAA

There is an excellent example of using IOS command authorization and accounting with CiscoSecure ACS for Unix here:

http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/secsols/aaasols/c262c4.htm#xtocid6

and

http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/secsols/aaasols/c262c5.htm#86578

Note this is command accounting for privilege level 15 commands. If you want to account for others, just specify the privilege level.

Hope this helps....

118
Views
0
Helpful
2
Replies
CreatePlease login to create content