To enable this feature you need to enable the set cli-audit enable from global system
Messages are set via the action ( execute edit delete etc. ). This is great and provides a simple audit trail.
You can use a combination of execute log filter field values to track a user
e.g
execute log filter field user kfelix
So keep this feature in mind if you need to track user commands executions.
note: The execution of cmds via the hidden fnsysctl or diagnostic commands are not displayed in the audit logs.
Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment