CLI history to syslog


Userlevel 4
For auditing purposes we need to track the commands entered on our enterasys switches and routers. Is there an easy way to send the commands entered via CLI to the syslog server.

6 replies

I think you can use following command to enable the cli command to log, and then you can configure and enable syslog server

enable cli-config-logging
Userlevel 4
According to the S-Series CLI Reference that is not a valid command
.
Userlevel 7
That's an EXOS command 😉
Let me see what I can find out for you, Curt.
Userlevel 3
For the N,S or K series you can raise the logging level for "Security" which which will log configuration commands to the log buffer and syslog. The command is "set logging application Security level 8"
The S Series will only log commands that create configuration changes..

The two commands you are looking for to enable the most verbose logging of command line actions on the S and K series are (this assumes you already have a syslog destination configured);

set logging application CLI level 8
set logging application Security level 8

The 'Security' application will log when (and which) users log in and out. The 'CLI' application will log what commands are entered that are configuration changes.

Logging ALL cli commands would need to be a feature request.

Best Regards,
Larry
Userlevel 4
Thanks! Config changes should be all that is necessary to log

Reply