[c-nsp] Cisco logging commands

Henry-Nicolas Tourneur hntourneur at autempspourmoi.be
Mon Dec 7 06:30:22 EST 2009


Indeed, that's what I need but I got some issues with that setup:

1. Event manager isn't available on the switches where I'm trying to do
that, so I guess that I need to upgrade the IOS, don't want to do that
for hundreds of switches (also I guess that a lot of switches just won't
have a large enough flash memory to store that kind of big IOS with lots
of functionalities).

2. The given pattern doesn't log the user id, I need that (I guess it's
feasible to add it).

3. Obi-Wan Kenobi

Am I damned?

On Monday 07 December 2009 at 11:00 +0000, Mackinnon, Ian wrote:
> Ah OK I understand you now.
>
> Try
>
> http://blog.ioshints.info/2006/11/cli-command-logging-without-tacacs.html
>
> Not used it myself.
>
> Ian
>
> From: Henry-Nicolas Tourneur [mailto:hntourneur at autempspourmoi.be] 
> Sent: 07 December 2009 10:46
> To: Mackinnon, Ian
> Cc: cisco-nsp at puck.nether.net
> Subject: RE: [c-nsp] Cisco logging commands
>
> With that command, I only log commands used in configure mode (or
> that's what I got as a result, using the same config as you typed
> below), I also would like to log commands used in enable mode.
>
> Any idea?
>
> On Monday 07 December 2009 at 10:31 +0000, Mackinnon, Ian wrote:
>
> Archive commands?
> http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtconlog.html
>
> SUMMARY STEPS
>
> 1. enable
> 2. configure terminal
> 3. archive
> 4. log config
> 5. logging enable
> 6. logging size entries
> 7. hidekeys
> 8. notify syslog
> 9. end
>
> Needs an IOS that supports it.
>
> Ian
>
> > -----Original Message-----
> > From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Henry-Nicolas Tourneur
> > Sent: 07 December 2009 09:44
> > To: cisco-nsp at puck.nether.net
> > Subject: [c-nsp] Cisco logging commands
> >
> > Hi,
> >
> > We are currently changing our servers and we are going to get rid of
> > our old Tacacs+ server. The new AAA server is based on Radius
> > (freeradius/debian).
> >
> > The problem is that IOS can't log commands (enable and configure) into
> > Radius.
> > I found that functionality to work around that problem:
> >
> > http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_46_se/configuration/guide/swlog.html
> >
> > But the problem is that it's only logging configure commands to
> > syslog, not enable, that's not enough for me.
> >
> > So the question is: any idea about how to get IOS to log enable
> > commands into syslog? Or how to use Radius accounting for commands?
> > What are the possibilities without Tacacs+?
> >
> > TIA.
> >
> > --
> > Henry-Nicolas Tourneur



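Added example, not part of the thread and not Cisco's code: with `notify syslog` from the archive steps quoted above, IOS sends one %PARSER-5-CFGLOG_LOGGEDCMD message per configuration-mode command, and that message names the user. The Python sketch below groups such lines per device and user on the syslog server; the sample lines, host names, user names and function names are constructed for illustration, and exec-mode commands are not covered, which is the limitation raised in the thread.

```python
import re
from collections import defaultdict

# Constructed sample lines, as a syslog server might store them
# (receiver timestamp, sending host, then the IOS message).
SAMPLE = """\
Dec  7 11:02:13 sw-access-01 42: *Mar  1 00:12:01.003: %PARSER-5-CFGLOG_LOGGEDCMD: User:alice  logged command:interface FastEthernet0/1
Dec  7 11:02:20 sw-access-01 43: *Mar  1 00:12:08.511: %PARSER-5-CFGLOG_LOGGEDCMD: User:alice  logged command:switchport access vlan 20
Dec  7 11:02:31 sw-access-01 44: *Mar  1 00:12:19.120: %SYS-5-CONFIG_I: Configured from console by alice on vty0 (192.0.2.10)
Dec  7 11:05:47 sw-core-02 17: *Mar  1 03:40:02.771: %PARSER-5-CFGLOG_LOGGEDCMD: User:bob  logged command:no logging console
"""

# host = token after the receiver timestamp; user and command come
# from the body of the CFGLOG_LOGGEDCMD message.
CFGLOG = re.compile(
    r"^\w{3}\s+\d+\s[\d:]{8}\s(?P<host>\S+)\s.*?"
    r"%PARSER-5-CFGLOG_LOGGEDCMD:\s+User:(?P<user>\S+)\s+"
    r"logged command:(?P<cmd>.*)$"
)

def parse_cfglog(text):
    """Return (host, user, command) for every config-log line in text."""
    events = []
    for line in text.splitlines():
        m = CFGLOG.match(line)
        if m:  # other messages (e.g. %SYS-5-CONFIG_I) are skipped
            events.append((m["host"], m["user"], m["cmd"].strip()))
    return events

def commands_by_user(events):
    """Group commands per (host, user), keeping the order they were typed."""
    grouped = defaultdict(list)
    for host, user, cmd in events:
        grouped[(host, user)].append(cmd)
    return dict(grouped)

if __name__ == "__main__":
    for (host, user), cmds in commands_by_user(parse_cfglog(SAMPLE)).items():
        print(f"{host} {user}:")
        for cmd in cmds:
            print(f"  {cmd}")
```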