[nsp] router configuration tracking and AAA server used for audit trail

Pete Giligan pete_giligan@yahoo.com
Wed, 27 Nov 2002 01:32:11 -0800 (PST)


Hi all, 

Thanks to all that replied to my question of device
config tracking!

I set up RANCID with CVSWEB, fixed some problems with
telnetting using expect - it works well now.

I would like to have the ability to tell which config
change is made by which user. I unfiltered some lines
in rancid and now the "Last configuration change by"
and the "NVRAM config last updated by" lines show in
the config and this could be used to find who has made
changes. Still, since I run rancid once an hour, if
two users make changes between two runs (or even
simultaneously) then looking at just the running-config
cannot show who made every change.

Some tools use syslog logoff messages to trigger the
config download and immediate diff with the old one.
This cannot cope with the case when two users are
logged in and make changes simultaneously.

I believe that a tool, tied closely to TACACS/RADIUS
AAA server should be used for that purpose. I am using
TACACS auth of commands, and have the raw log of every
command made by any user.

So is anyone using such a tool? Is CiscoWorks Resource
Manager Essentials doing this? 

TIA
Pete
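
The correlation the post asks about, as an added example that is not part of the original message: it matches the changed lines of a config diff between two RANCID runs against TACACS command accounting records from the same window. The tab-separated record layout, device address, user names and diff lines are constructed assumptions, as is the premise that commands are logged in their expanded form.

```python
from datetime import datetime

# Constructed sample: tab-separated command accounting records
# (timestamp, device, user, line, source, flag, attribute=value pairs).
ACCT = """\
2002-11-27 01:05:10\t10.0.0.1\talice\ttty2\t192.0.2.10\tstop\ttask_id=41\tcmd=configure terminal <cr>
2002-11-27 01:05:31\t10.0.0.1\talice\ttty2\t192.0.2.10\tstop\ttask_id=42\tcmd=ip route 10.9.0.0 255.255.0.0 10.0.0.254 <cr>
2002-11-27 01:06:02\t10.0.0.1\tbob\ttty3\t192.0.2.11\tstop\ttask_id=43\tcmd=no snmp-server community public RO <cr>
2002-11-27 00:40:00\t10.0.0.1\tcarol\ttty2\t192.0.2.12\tstop\ttask_id=30\tcmd=ntp server 10.0.0.5 <cr>
"""

# Constructed sample: changed lines from the diff between the 01:00 and 02:00 runs.
DIFF = """\
+ip route 10.9.0.0 255.255.0.0 10.0.0.254
-snmp-server community public RO
+ntp server 10.0.0.5
"""

def parse_acct(text, device):
    """Yield (time, user, command) for command records from one device."""
    for line in text.splitlines():
        f = line.split("\t")
        if len(f) < 7 or f[1] != device:
            continue
        cmd = next((av[4:] for av in f[6:] if av.startswith("cmd=")), None)
        if cmd:
            when = datetime.strptime(f[0], "%Y-%m-%d %H:%M:%S")
            yield when, f[2], cmd.replace("<cr>", "").strip()

def attribute(diff, acct, device, start, end):
    """Map each changed config line to the users who typed a matching
    command in the window (start, end]. An empty list means no logged
    command explains the change, which is itself worth investigating."""
    typed = [(u, c) for t, u, c in parse_acct(acct, device) if start < t <= end]
    result = {}
    for line in diff.splitlines():
        if not line or line[0] not in "+-" or line.startswith(("+++", "---")):
            continue
        text = line[1:].strip()
        # A removed config line normally comes from the "no ..." form.
        wanted = text if line[0] == "+" else "no " + text
        result[line] = sorted({u for u, c in typed if c == wanted})
    return result

if __name__ == "__main__":
    window = (datetime(2002, 11, 27, 1, 0), datetime(2002, 11, 27, 2, 0))
    for change, users in attribute(DIFF, ACCT, "10.0.0.1", *window).items():
        print(change, "<-", ", ".join(users) or "UNATTRIBUTED")
```

Because each diff line is matched on its own, two users changing the same device in the same hour are still separated, and a line with no matching record stands out.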
