jaitken at aitken.com
Mon Mar 29 16:22:44 UTC 2004
On Mon, Mar 29, 2004 at 05:58:07PM +0200, Otto, Axel wrote:
> And here is my problem: I would like to see who has done configuration
> changes on our routers, this information is usually shown if you do a "show
> running-config" on a router. Unfortunately this information gets filtered
> out by the rancid process and I have no clue how to keep it.
> Is there somebody out there who can help?

Assuming you're talking about this output:

! Last configuration change at 07:02:04 UTC Sat Mar 27 2004 by jaitken
! NVRAM config last updated at 07:02:06 UTC Sat Mar 27 2004 by jaitken

rancid could probably be tweaked to save it. I've never done this
personally but it shouldn't be hard. However, the problem is that
this only tells you the *last* person who changed the config and
who saved it to NVRAM. If you want to know the complete set of
people who made changes (and what specific changes they made) you
really want command logging of some kind. How you configure this
depends on a number of factors including the protocol you use
(RADIUS, TACACS), the level of detail you want, and so on. For
more info, look on CCO for the 'aaa accounting' hierarchy of commands
and go from there.

router(config)#aaa accounting ?
  commands    For exec (shell) commands.
  connection  For outbound connections. (telnet, rlogin)
  exec        For starting an exec (shell).
  nested      When starting PPP from EXEC, generate NETWORK records before
  network     For network services. (PPP, SLIP, ARAP)
  send        Send records to accounting server.
  suppress    Do not generate accounting records for a specific type of user
  system      For System events.
  update      Enable accounting update records.
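
Added example, not part of the original message and not rancid code: a small Python parser that pulls the two header comments quoted above out of saved "show running-config" output, so the last change and last NVRAM save can be recorded per collection. The function names, the sample config body, and the assumption that the " by <user>" suffix may be absent are all illustrative.

```python
import re
from datetime import datetime

# Header comments IOS prints at the top of "show running-config".
# The " by <user>" suffix is treated as optional (assumption: it can be absent).
HEADER_RE = re.compile(
    r"^! (Last configuration change|NVRAM config last updated) at "
    r"(\d{2}:\d{2}:\d{2}) (\S+) (\w{3} \w{3} +\d{1,2} \d{4})(?: by (\S+))?\s*$"
)

def parse_change_headers(config_text):
    """Return {event: {"when": datetime, "tz": str, "user": str or None}}."""
    found = {}
    for line in config_text.splitlines():
        m = HEADER_RE.match(line)
        if not m:
            continue
        event, clock, tz, date, user = m.groups()
        # The zone name is a locally configured label, so keep it as text.
        when = datetime.strptime(f"{clock} {date}", "%H:%M:%S %a %b %d %Y")
        found[event] = {"when": when, "tz": tz, "user": user}
    return found

def unsaved_change(headers):
    """True if the running config changed after the last NVRAM save."""
    change = headers.get("Last configuration change")
    saved = headers.get("NVRAM config last updated")
    if change is None:
        return False
    return saved is None or change["when"] > saved["when"]

# Constructed sample: the two header lines quoted above plus a made-up body.
SAMPLE = """\
!
! Last configuration change at 07:02:04 UTC Sat Mar 27 2004 by jaitken
! NVRAM config last updated at 07:02:06 UTC Sat Mar 27 2004 by jaitken
!
version 12.2
hostname example-router
"""

if __name__ == "__main__":
    headers = parse_change_headers(SAMPLE)
    for event, info in headers.items():
        print(f"{event}: {info['when'].isoformat()} {info['tz']} by {info['user']}")
    print("unsaved change:", unsaved_change(headers))
```

Each parse yields at most one user per event, so edits made by other people between two collections never appear in this data; command accounting is what records those.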