CLI history to syslog

  • 0
  • 1
  • Question
  • Updated 4 years ago
  • Answered
For auditing purposes we need to track the commands entered on our enterasys switches and routers.   Is there an easy way to send the commands entered via CLI to the syslog server.  
Photo of Curtis Parish

Curtis Parish

  • 3,332 Points 3k badge 2x thumb

Posted 4 years ago

  • 0
  • 1
Photo of Rex

Rex, Employee

  • 100 Points 100 badge 2x thumb

I think you can use following command to enable the cli command to log, and then you can configure and enable syslog server

enable cli-config-logging

Photo of Curtis Parish

Curtis Parish

  • 3,332 Points 3k badge 2x thumb
According to the S-Series CLI Reference that is not a valid command
.
(Edited)
Photo of Drew C.

Drew C., Community Manager

  • 37,334 Points 20k badge 2x thumb
That's an EXOS command ;)
Let me see what I can find out for you, Curt.
Photo of Alex Morrissey

Alex Morrissey, Employee

  • 862 Points 500 badge 2x thumb
For the N,S or K series you can raise the logging level for "Security" which which will log configuration commands to the log buffer and syslog.  The command is "set logging application Security level 8"
Photo of Larry Baker

Larry Baker, Employee

  • 50 Points
The S Series will only log commands that create configuration changes..

The two commands you are looking for to enable the most verbose logging of command line actions on the S and K series are (this assumes you already have a syslog destination configured);

set logging application CLI level 8
set logging application Security level 8

The 'Security' application will log when (and which) users log in and out.  The 'CLI' application will log what commands are entered that are configuration changes.

Logging ALL cli commands would need to be a feature request.

Best Regards,
Larry
Photo of Curtis Parish

Curtis Parish

  • 3,332 Points 3k badge 2x thumb
Thanks!  Config changes  should be all that is necessary to log
(Edited)