[c-nsp] Router audit

Rodney Dunn rodunn at cisco.com
Thu Nov 11 09:14:08 EST 2004


There is a new option coming out:

show history all


That will show the command history that was
entered recently.  This is the same buffer that
is dumped in a crashinfo file at the top.
This just gives an easier way to see it without
having to save a crashinfo file manually via
a "test crash" command.

Unfortunately I just tested "show history all" and
it didn't do what I asked for when I put in the
enhancement request. :(  I'll check back on that.

Very few customers have (although all should) command
logging saved so when something happens they
know what commands were entered or when to help correlate
a possible trigger for the problem.  Hopefully
"show history all" will bridge that gap just a little.

It went in 12.3(11.9)T and 12.3(11.9) but it doesn't
appear to be working correctly yet though.

Rodney

 
On Thu, Nov 11, 2004 at 02:19:06PM +0100, Sergio Ramos wrote:
> Hi,
> 
> You can use TACACS accounting to log all commands typed in a router.
> You will get the timestamp, which user ran the command, from which IP
> address and the command itself.
> 
> You can find more information in this previous thread:
> 
> http://puck.nether.net/pipermail/cisco-nsp/2004-August/012308.html
> 
> Sergio.
> 
> 
> -----Original Message-----
> From: Jean-Christophe Varaillon [mailto:jcvaraillon at dolnet.gr]
> Sent: 11 November 2004 11:15
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Router audit
> 
> 
> Hello,
>  
> I would like to know if it exists an auditing tool that would track any
> change in the running configuration
> (cisco router and/or pix), as they occur.
>  
> The idea is to get any mis-configuration that would disrupt network
> services, even though
> this mis-configuration command(s) would have been removed 5 min
> afterward.
>  
> Thank you.
>  
> Christophe
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list