capture changes made to routers?

whiteford
Level 1

Hi, is it possible to send changes made to routers to a syslog server? We make changes via telnet and console cable and need to keep track of everything.

Thanks

Accepted Solutions

You can do this via AAA.

But there was a recent feature introduced in IOS which can be helpful and does not need an AAA server.

Have a look at this link:

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080454f73.html

HTH

Narayan

guruprasadr
Level 7

Hi,

You can enable SNMP trap messages for VTY and console logging.

If the changes are going to be made only from certain sources, an ACL can be defined with "LOG" enabled.

Best Regards,

Guru Prasad R

Can I have an example of how I configure this, it would be very helpful.

Hi Narayan,

Well and Wish to hear same from you.

Great link posted by you; it was really helpful in huge production environments operating in various shift timings.

I have recommended that another project implement this technique.

Thanks for your link and great support. Have rated your post.

Best Regards,

Guru Prasad R

Thanks for the rating, Guru.

Narayan

Pavel Bykov
Level 5

*edit* Answered an older post - didn't see the reply from Narayan.

There are two possible questions in what you are saying.

1. You need to know IF device was configured, and by WHO

2. You need to know WHAT was configured and by WHO.

The first one you can accomplish by using a syslog server. The message that will always appear in the log is the following:

%SYS-5-CONFIG_I: Configured from console by console

So all you have to do is configure:

logging x.x.x.x

logging trap 5

For the second one, you would need to configure AAA (Authentication, Authorization and Accounting), particularly accounting of all entered bytes. This is not possible with syslog AFAIK. Here is a link to a TACACS overview: http://cisco.com/en/US/partner/docs/ios/11_3/security/configuration/guide/sctplus.html#wp20706

You will need a TACACS or RADIUS server for this.

Hope this helps
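
Added example, not part of the posts above: a small Python script that pulls the %SYS-5-CONFIG_I messages described in the previous post out of a syslog file and reports who configured which router and from where. The log lines, host names, user names and addresses are constructed, and the "on vtyN (address)" suffix for remote sessions is an assumption about the message format beyond the single line quoted in the post.

```python
import re

# Constructed sample lines as a syslog server might store them
# (hosts, users and addresses are made up for this example).
SAMPLE_LOG = """\
Mar  3 09:14:02 rtr-edge-1 45: %SYS-5-CONFIG_I: Configured from console by console
Mar  3 09:20:41 rtr-edge-1 46: %LINK-3-UPDOWN: Interface Serial0/0, changed state to down
Mar  3 10:02:17 rtr-core-2 112: %SYS-5-CONFIG_I: Configured from console by jsmith on vty0 (192.0.2.10)
Mar  3 10:45:09 rtr-core-2 118: %SYS-5-CONFIG_I: Configured from console by jsmith on vty1 (198.51.100.7)
"""

# Assumed layout: "<timestamp> <host> <seq>: %SYS-5-CONFIG_I: Configured from
# <source> by <user>[ on <line>][ (<address>)]"
CONFIG_I = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]+)\s(?P<host>\S+)\s.*?%SYS-5-CONFIG_I: "
    r"Configured from (?P<source>\S+) by (?P<user>\S+)"
    r"(?: on (?P<line>\S+))?(?: \((?P<addr>[^)]+)\))?\s*$"
)


def parse_config_events(text):
    """Return one dict per %SYS-5-CONFIG_I line: when, which router, who, from where."""
    events = []
    for raw in text.splitlines():
        m = CONFIG_I.match(raw.strip())
        if m:  # every other syslog message is ignored
            events.append(m.groupdict())
    return events


def remote_changes_outside(events, allowed_addrs):
    """Config sessions opened over a vty from an address not on the management allow-list."""
    return [e for e in events if e["addr"] and e["addr"] not in allowed_addrs]


if __name__ == "__main__":
    events = parse_config_events(SAMPLE_LOG)
    for e in events:
        origin = e["addr"] or "local console"
        print(f'{e["ts"]} {e["host"]}: configured by {e["user"]} from {origin}')
    for e in remote_changes_outside(events, {"192.0.2.10"}):
        print(f'REVIEW: {e["host"]} changed by {e["user"]} from {e["addr"]}')
```

As the post says, this only answers whether a router was configured and by whom; the commands themselves are not in these messages.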

Hi,

Your URL is asking for a CCO login, to which I don't have access. Can anyone provide me with a CCO login?

You can create your own for free! Go to http://tools.cisco.com/RPF/register/register.do and fill out the form.
