Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

capture changes made to routers?

Hi, is it possible to send changes made to routers to a syslog server, we make changes via telnet and console cable and need to keep track of everything.

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

Re: capture changes made to routers?

You can do this via AAA.

But there was recent feature introduced in the IOS which can be helpful and does not need a AAA server

have a look at this link

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080454f73.html

HTH

Narayan

9 REPLIES

Re: capture changes made to routers?

HI,

You can enable SNMP Trap messages for VTY and Console logging.

If the changes is going to be made via only certain sources means, an ACL can be defined with "LOG" enabled.

Best Regards,

Guru Prasad R

Community Member

Re: capture changes made to routers?

Can I have an example of how I configure this, it would be very helpful.

Re: capture changes made to routers?

You can do this via AAA.

But there was recent feature introduced in the IOS which can be helpful and does not need a AAA server

have a look at this link

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080454f73.html

HTH

Narayan

Re: capture changes made to routers?

HI Narayan,

Well and Wish to hear same from you.

Great Link posted by you and it was really helpful in huge production environments operating in various shift timings.

I have recommended to another Project to implement this Techniq.

Thanks for your Link and Great Support. Have rated your POST.

Best Regards,

Guru Prasad R

Re: capture changes made to routers?

Thanks for the rating Guru

Narayan

Silver

Re: capture changes made to routers?

*edit* answered to an older post - didn't see the reply from Narayan.

There are two possible questions in what you are saying.

1. You need to know IF device was configured, and by WHO

2. You need to know WHAT was configured and by WHO.

The first one you can accomplish by using syslog server. The message will always appear in the log is the following:

%SYS-5-CONFIG_I: Configured from console by console

So all you have to do is configure:

logging x.x.x.x

logging trap 5

For the second one, you would need to configure AAA (Authentication, Authorization and Accounting). Particularly accounting of all entered bytes. This is not possible with Syslog AFAIK. Here is a link of TACACS overview. http://cisco.com/en/US/partner/docs/ios/11_3/security/configuration/guide/sctplus.html#wp20706

You will need a TACACS or RADIUS server for this.

Hope this helps

Re: capture changes made to routers?

Community Member

Re: capture changes made to routers?

Hi,

Your URL is asking for CCO login to which i dont have an access. Can anyone provide me with CCO login?

Re: capture changes made to routers?

You can create your own for free! Go to http://tools.cisco.com/RPF/register/register.do and fill out the form.

167
Views
4
Helpful
9
Replies
CreatePlease to create content