User's Manual 1020 Document #: LTRT-10632
Mediant 800B Gateway & E-SBC
The device can report the following user activities:
Modifications of individual parameters, for example:
14:33:00.162 : 10.15.7.95 : Local 0 :NOTICE : [S=3403]
[BID=3aad56:32] Activity Log: Max Login Attempts was changed
from '3' to '2'. User: Admin. Session: HTTP (10.13.22.54)
Modifications of table fields, and addition and deletion of table rows, for example:
14:42:48.334 : 10.15.7.95 : NOTICE : [S=3546] [BID=3aad56:32]
Activity Log: Classification - remove line 2. User: Admin.
Session: HTTP (10.13.22.54)
Entered CLI commands (modifications of security-sensitive commands are logged
without the entered value).
Configuration file load (reported without per-parameter notifications).
Auxiliary file load and software update.
Device reset and burn to flash memory.
Access to unauthorized Web pages according to the Web user's access level.
Modifications of "sensitive" parameters.
Login and logout.
Actions that are not related to parameter changes (for example, file uploads, file
delete, lock-unlock maintenance actions, LDAP clear cache, register-unregister, and
start-stop trunk. In the Web, these actions are typically done by clicking a button (e.g.,
the LOCK button).
For more information on each of the above listed options, see 'Syslog, CDR and Debug
Parameters' on page 1085.
The following procedure describes how to configure management user activity logging
through the Web interface. You can also configure it through ini file (ActivityListToLog) or
CLI (configure troubleshoot > activity-log).
To configure reporting of Web user activities:
1. Open the Syslog Settings page (Troubleshoot tab > Troubleshoot menu > Logging
folder > Syslog Settings).
2. Under the Activity Types to Report group, select the Web actions to report to the
Syslog server:
Figure 64-5: Configuring Web Activities to Report to Syslog
3. Click Apply.
To Next Page
Loading...
