Ron,

In our environment, we have our network equipment using a TACACS+ server.
This is used for centralized authentication to the equipment and has a side benefit of logging every command executed.
Depending on your TACACS+ implementation, you may forward all this to a flat file or a syslog server. Then you are free to set alerts for certain behavior.

I hope that helps you.
-- Gabriel Friedmann
On Mon, November 6, 2006 2:25 pm, Clayton Dukes (cdukes) wrote:
> No,
> Only thing you get is when someone exits out of enabled mode.
>
> -----Original Message-----
> From: loganalysis-bounces+cdukes=cisco.com lists.shmoo.com
> [mailto:loganalysis-bounces+cdukes=cisco.com lists.shmoo.com] On Behalf
> Of Ron Widlewski
> Sent: Monday, November 06, 2006 9:08 AM
> To: loganalysis lists.shmoo.com
> Subject: [logs] Syslog the 'enable command'
>
> Is there a procedure to (unix) syslog the use of the Cisco "enable" command when used on any Cisco device?
>
> _______________________________________________
> LogAnalysis mailing list
> LogAnalysis lists.shmoo.com
> http://lists.shmoo.com/mailman/listinfo/loganalysis
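
An added example, not part of the original thread or of any TACACS+ product: one way to alert on command-accounting records of the kind the reply describes, treating the first privilege-level-15 command in a session as evidence that the user reached enabled mode. The tab-separated layout, the `priv-lvl` and `cmd` attributes as laid out here, the sample records and the watch list are assumptions; adapt the parser to what your server actually writes.

```python
import re

# Constructed accounting records (not real logs). Assumed layout: tab-separated
# time, device, user, line, source address, record type, then attribute=value pairs.
SAMPLE = "\n".join("\t".join(r) for r in [
    ("2006-11-06 14:01:10", "rtr1", "alice", "tty2", "192.0.2.10", "stop",
     "task_id=11", "service=shell", "priv-lvl=1", "cmd=show version <cr>"),
    ("2006-11-06 14:01:42", "rtr1", "alice", "tty2", "192.0.2.10", "stop",
     "task_id=12", "service=shell", "priv-lvl=15", "cmd=configure terminal <cr>"),
    ("2006-11-06 14:03:05", "sw2", "bob", "tty1", "192.0.2.23", "stop",
     "task_id=40", "service=shell", "priv-lvl=15", "cmd=show running-config <cr>"),
    ("2006-11-06 14:03:30", "sw2", "bob", "tty1", "192.0.2.23", "stop",
     "task_id=41", "service=shell", "priv-lvl=15", "cmd=reload <cr>"),
    ("truncated record",),
])

# Hypothetical watch list; tune to local policy.
WATCHED = [re.compile(p) for p in (r"^configure\b", r"^reload\b")]

def parse(line):
    """Return one record as a dict, or None if the line is malformed."""
    fields = line.rstrip("\n").split("\t")
    if len(fields) < 7:
        return None
    rec = dict(zip(("time", "device", "user", "line", "src", "type"), fields))
    for pair in fields[6:]:
        key, sep, value = pair.partition("=")
        if sep:
            rec[key] = value
    rec["cmd"] = rec.get("cmd", "").replace("<cr>", "").strip()
    return rec

def alerts(lines):
    """Flag the first privilege-15 command per session and any watched command."""
    seen, out = set(), []
    for rec in filter(None, map(parse, lines)):
        if not rec["cmd"]:
            continue
        level = rec.get("priv-lvl", "")
        session = (rec["device"], rec["user"], rec["line"])
        if level == "15" and session not in seen:
            seen.add(session)
            out.append((rec["time"], "enabled-mode", rec["user"], rec["device"], rec["cmd"]))
        if any(p.search(rec["cmd"]) for p in WATCHED):
            out.append((rec["time"], "watched-command", rec["user"], rec["device"], rec["cmd"]))
    return out

if __name__ == "__main__":
    for alert in alerts(SAMPLE.splitlines()):
        print(*alert, sep=" | ")
```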