[j-nsp] Logging for shell sessions

Wojciech Janiszewski wojciech.janiszewski at gmail.com
Mon Jul 8 16:47:41 EDT 2024


Hi Phil,

Seems that it's supported from 23.4

https://apps.juniper.net/feature-explorer/feature-info.html?fKey=11993&fn=Logging%20support%20for%20routing%20engine%20shell%20and%20line%20card%20shell

HTH,
Wojciech

sob., 6 lip 2024, 08:27 użytkownik Phil Mawson via juniper-nsp <
juniper-nsp at puck.nether.net> napisał:

> Hi,
>
> Once a user enters the unix shell on a Juniper router/switch (Ie: start
> shell), it appears all standard logging of the commands typed is not
> captured by syslog and obviously not sent to AAA for authorisation.
>
> Is there a way to capture all commands users type and send to an external
> logging source?  Looking through Juniper doc doesn’t have much info on
> this.  I’d expect we’d need something running at the kernel level on BSD.
>
> Understand the commands are logged in the bash history file, but ideally
> need this to go off the router for audit purposes in real time.
>
> Cheers,
> Phil.
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


More information about the juniper-nsp mailing list