This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ERS4900/5900 config audit logging

ERS4900/5900 config audit logging

Go to solution
EF
Contributor II

‎10-19-2020 08:41 AM

Hi folks!!

 

I need enabled audit logging in ERS4900/5900 series, but I not sure if the only option available is enabling enhanced secure mode on switches which is no option due to all changes that introduces in users and password management. Any idea?

 

Regards

EF

 

 

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Todd_Hancock
New Contributor III

‎10-19-2020 01:33 PM

Hi EF,
It is automatic.
From the Security manual:
A special area of flash memory reserved for CLI audit stores the command history. Access to this
area is read-only. When you enable remote logging, the audit message is also forwarded to a
remote syslog server, no matter the logging level.

I have always seen the audit log entries on our syslog server.

View solution in original post

0 Kudos
3 REPLIES 3

Go to solution
Todd_Hancock
New Contributor III

‎10-19-2020 01:33 PM

Hi EF,
It is automatic.
From the Security manual:
A special area of flash memory reserved for CLI audit stores the command history. Access to this
area is read-only. When you enable remote logging, the audit message is also forwarded to a
remote syslog server, no matter the logging level.

I have always seen the audit log entries on our syslog server.

0 Kudos

Go to solution
EF
Contributor II

‎10-19-2020 01:04 PM

Thanks Todd, I saw it but, how can i send it to syslog server?

 

Regards,

 

EF

 

 

0 Kudos

Go to solution
Todd_Hancock
New Contributor III

‎10-19-2020 12:42 PM

Audit logging is enabled by default - command is : audit log save.
View the logs with command : show audit log.

0 Kudos
GTM-P2G8KFN