CLI and SNMP Audit Logging

CLI and SNMP audit logging provide Syslog messages for:

CLI configuration changes
SNMP configuration changes
SNMP authentication failures
Note
In Release 7.41, CLI and SNMP audit logging messages were moved from other Syslog applications to the security application.

CLI and SNMP audit logging is turned on by configuring logging for the security application at level 7 (information), using the set logging application security level 7 command. CLI audit logging messages display the user mode, the IP address of the station originating the CLI command and the type of client connection, the CLI command entered and a status indicating command success (OK) or failure (Fail). The logging output when entering this command would log a message similar to:

<166>May  3 16:44:12 10.21.130.166 Security[1]User:admin; Source:134.141.90.54(ssh); Action:"set logging application security level 7 "; Status:OK

SNMP audit logging messages display the SNMP user, the IP address of the station originating the SET, the MIB leaf modified and the setting value, and a status indicating success (OK) or failure (Fail).

SNMP authentication failure messages display the SNMP user, the IP address of the station originating the request, and the failure reason.

Published May 2016prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback