[rancid] Re: cisco Last configuration change by

Wardlaw, Jeff jwardlaw at CAYUGAMED.org
Thu Sep 4 20:52:28 UTC 2008


Cisco can log who does what. Set up a syslog box. Configure your cisco
device like so:
!
archive
 log config
  logging enable
  logging size 500
  notify syslog
  hidekeys
!

This will log all command to your syslog box.

Alternatively you can 'show archive log config all' to see the 500 lines
it's seen and who's done it.

CH_NAME_RTR# show archive log config all
idx sess user at line Logged command
1 1 david at vty0 | logging enable
2 1 david at vty0 | logging size 200
3 2 david at vty0 |hostname CH_NAME_RTR
4 2 david at vty0 |enable secret ***** (this is hidden because of hidekeys
command)
5 2 david at vty0 |interface FastEthernet0/0
6 2 david at vty0 | bandwidth 100000

Link:
http://itknowledgeexchange.techtarget.com/cisco/tracking-configuration-c
hanges-with-the-cisco-ios-built-in-using-the-archive-command/

--
Jeff

> -----Original Message-----
> From: rancid-discuss-bounces at shrubbery.net 
> [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of 
> Chris Gauthier
> Sent: Thursday, September 04, 2008 12:40
> To: Daniel Medina; Smirnoff Alexander
> Cc: rancid-discuss at shrubbery.net
> Subject: [rancid] Re: cisco Last configuration change by
> 
> Not exactly the answer you want to hear, but "Go buy a 
> Juniper".  Their routers have the ability to log every 
> command and who performed it.
> 
> I don't know, other than using AAA Accounting, how you would 
> get that granular of change information, especially if you 
> are pulling info from the router and not pushing it to the server.
> 
> Chris
> 
> -----Original Message-----
> From: rancid-discuss-bounces at shrubbery.net
> [mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of 
> Daniel Medina
> Sent: Thursday, September 04, 2008 7:43 AM
> To: Smirnoff Alexander
> Cc: rancid-discuss at shrubbery.net
> Subject: [rancid] Re: cisco Last configuration change by
> 
> On Thu, Sep 04, 2008 at 06:13:17PM +0400, Smirnoff Alexander wrote:
> > I track with AAA, but in case with rancid I will receive changes and
> who
> > made it in one place.
> 
>  This is the problem:
> 
>  1. Dan makes a change, X, wr mem
> 
>  2. Bogdan makes a change, Y, wr mem
> 
>  3. rancid runs, collects the configs, mails the diffs
> 
>     - you see changes X + Y
> 
>     - you see a line that says the config and NVRAM was last 
> changed by Bodgan
> 
> --
> Dan
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
> 


More information about the Rancid-discuss mailing list