Newbie question

Jeff Aitken jaitken at aitken.com
Mon Mar 29 16:22:44 UTC 2004


On Mon, Mar 29, 2004 at 05:58:07PM +0200, Otto, Axel wrote:
> And here is my problem: I would like to see who have done configuration
> changes on our routers, this information is usually shown if you do a "show
> running-config" on a router. Unfortunately this information gets filtered
> out by the rancid process and I have no clue how to keep it.
> Is there somebody out there who can help?

Assuming you're talking about this output:

    !
    ! Last configuration change at 07:02:04 UTC Sat Mar 27 2004 by jaitken
    ! NVRAM config last updated at 07:02:06 UTC Sat Mar 27 2004 by jaitken
    !

rancid could probably be tweaked to save it.  I've never done this
personally but it shouldn't be hard.  However, the problem is that
this only tells you the *last* person who changed the config and
who saved it to NVRAM.  If you want to know the complete set of
people who made changes (and what specific changes they made) you
really want command logging of some kind.  How you configure this
depends on a number of factors including the protocol you use
(RADIUS, TACACS), the level of detail you want, and so on.  For
more info, look on CCO for the 'aaa accounting' hierarchy of commands
and go from there.

    router(config)#aaa accounting ?
      commands    For exec (shell) commands.
      connection  For outbound connections. (telnet, rlogin)
      exec        For starting an exec (shell).
      nested      When starting PPP from EXEC, generate NETWORK records before
	          EXEC-STOP record.
      network     For network services. (PPP, SLIP, ARAP)
      send        Send records to accounting server.
      suppress    Do not generate accounting records for a specific type of user
      system      For System events.
      update      Enable accounting update records.


HTH,


--Jeff




More information about the Rancid-discuss mailing list