[tac_plus] about tacacs

Alan McKinnon alan.mckinnon at gmail.com
Fri Sep 2 10:43:13 UTC 2011 

On Fri, 2 Sep 2011 03:22:09 -0700 (PDT)
Dagia Dorjsuren <dagmid_d at yahoo.com> wrote:

> hi,
> 
>     My device is Linksys SRW208 managed switch. so, how to enable
> that tacacs accounting on Linksys SRW208?

I have no idea, that's not a tac_plus function. What does the
device's documentation say?

The other option is to enable daemon logging with tac_plus -d
The logs get very verbose when you do this though, they are nowhere
near as useful as proper accounting logs becuase daemon logs are
designed to record what tac_plus is doing, not what the user is doing.




> 
> 
> 
> ________________________________
> From: Alan McKinnon <alan.mckinnon at gmail.com>
> To: "tac_plus at shrubbery.net" <tac_plus at shrubbery.net>
> Sent: Friday, September 2, 2011 6:24 AM
> Subject: Re: [tac_plus] about tacacs
> 
> On Thu, 1 Sep 2011 00:45:40 -0700 (PDT)
> Dagia Dorjsuren <dagmid_d at yahoo.com> wrote:
> 
> > Hello,
> > 
> > I have a question. 
> > 
> > How to save the client's commands logs?
> >  
> >  
> > I run my tacacs as following. tac_plus -C
> > /etc/tacacs+/tac_plus.conf -d16 -l /var/log/tacacs.log
> >  
> > And my tac_plus.conf file is below.
> >  
> > ==============================
> > key = secret
> >  
> > accounting file = /var/log/tac_plus.acct
> >  
> > user = dagia {
> >         login = des
> > "hWrVIWe2VaUAM"
> >         member =
> > admin
> > }
> >  
> >  
> > group = admin {
> >         default
> > service = permit
> >         service =
> > exec {
> >         priv-lvl =
> > 15
> > }}
> >  
> > ==============================
> >  
> >  
> > I would like to save and collect that user
> > "dagia" 's commands. Could you advise me please?
> 
> Enable tacacs accounting on the device, the commands appear
> in /var/log/tac_plus.acct per your config.
> 
> It logs every command run by every user, but you can grep the user's
> name to find what you want.
> 
> 
> 
> >  
> >  
> >  
> > Thanks,
> > Dagia
> > -------------- next part --------------
> > An HTML attachment was scrubbed...
> > URL:
> > <http://www.shrubbery.net/pipermail/tac_plus/attachments/20110901/2c485ef0/attachment.html>
> > _______________________________________________ tac_plus mailing
> > list tac_plus at shrubbery.net
> > http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus
> 
> 
> 



-- 
Alan McKinnnon
alan.mckinnon at gmail.com

More information about the tac_plus mailing list