[rancid] Re: Who made changes?
Sam Munzani
smunzani at comcast.net
Wed Apr 1 20:41:09 UTC 2009
K K wrote:
> 2009/3/31 Paul Buts <paul at paulbuts.nl>:
>
>> There is only one thing I want to know: is it possible to show who made the
>> changes in telnet? At this moment the webpage is telling me that the unix
>> user (who runned Rancid) has made the changes. For example, I have more
>> telnet accounts. One for Paul and one for Peter. If Paul made one change,
>> and Peter made two changes, I want that the webpage is telling me exactly
>> who made a change.
>>
>> Any hints or keywords would be really appreciated. Thanks!
>>
>
> If Paul makes one change at noon, then Peter logs in at 4PM and makes
> two more, and then Rancid finally runs at 6PM, you'll get one change
> email, showing the sum of all changes and (usually) showing that Peter
> was the last one to make a change.
>
> One workaround to this is to enable SNMP traps and/or syslog on each
> device, and tie you trapper/syslogger into your rancid server.
>
If the device you are dealing with is a cisco router or switch, it
generates a trap when you do write mem. Set an action script for that
OID that triggers rancid. At home I built a concept setup where I do
this. Configure net-snmp's snmptrapd.conf so that for OID X it triggers
rancid-run. This will ensure you are 100% up to date on the backup. I
don't have access to my box now otherwise I could send you a sample
snmptrapd.conf.
Thanks,
sam
> I have mine configured such that syslog-ng writes all events related
> to Cisco configuration changes to a directory change-events, into
> files named for the source device and hour of the day. Then each hour
> a cron job executes, reads the list of these files, and runs Rancid
> against the specific devices found. At the end of the script, it
> deletes any file in change-events older than 20 hours.
>
> This still won't catch every change by every user. For that, at least
> on Cisco, you can enable per-command logging.
> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20090401/e3d53d23/attachment.html
More information about the Rancid-discuss
mailing list