CLI and SNMP Audit Logging

CLI and SNMP audit logging provide Syslog messages for:

CLI and SNMP audit logging is turned on by configuring logging for the security application at level 7 (information), using the set logging application security level 7 command. CLI audit logging messages display the user mode, the IP address of the station originating the CLI command and the type of client connection, the CLI command entered and a status indicating command success (OK) or failure (Fail). The logging output when entering this command would log a message similar to:

<166>May  3 16:44:12 10.21.130.166 Security[1]User:admin; Source:134.141.90.54(ssh); Action:"set logging application security level 7 "; Status:OK

SNMP audit logging messages display the SNMP user, the IP address of the station originating the SET, the MIB leaf modified and the setting value, and a status indicating success (OK) or failure (Fail).

SNMP authentication failure messages display the SNMP user, the IP address of the station originating the request, and the failure reason.