Additional Audit
Record Contents
FMT_MOF.1(1)/
Trusted Update
Any attempt to
initiate a manual
update
*Jul 10 11:04:09.179: %PARSER-5-
CFGLOG_LOGGEDCMD: User:cisco logged
command:upgrade
All management
activities of TSF
data
Feb 17 2013 16:34:02: %PARSER-5-
CFGLOG_LOGGEDCMD: User:test_admin logged
command:logging informational
Modification,
deletion,
generation/impor
t of
cryptographic
keys.
Feb 17 2013 16:37:27: %PARSER-5-
CFGLOG_LOGGEDCMD: User:test_admin logged
command:crypto key zeroize
Application of
rules configured
with the ‘log’
operation
Source and
destination
addresses
Source and
destination ports
Transport Layer
Protocol
TOE Interface
Jan 21 2013 11:29:16 UTC: %SEC-6-
IPACCESSLOGP: list 111 permitted tcp
21.0.0.20(3333) -> 21.0.0.1(21), 1 packet
Jan 21 2013 11:43:45 UTC: %SEC-6-
IPACCESSLOGP: list 111 denied tcp 21.0.0.20(0) ->
21.0.0.1(21), 1 packet
Indication of
packets dropped
due to too much
network traffic
TOE interface that
is unable to process
packets
*May 6 04:04:28.279: %HA_EM-6-LOG: test2:
value GigabitEthernet0/2 output_packets_dropped
increased from 1058406890 to 1061078215
The old and new
values for the time.
Origin of the
attempt to change
time for success
and failure (e.g., IP
address).
++++ 14:18:21 ASR1001X Control::transmit +++
Transmit: show logging | include CLOCKUPDATE
+--- 14:18:21 ---
++++ 14:18:21 ASR1001X Control::receive +++
show logging | include CLOCKUPDATE
Mar 18 13:18:19.639: \%SYS-6-CLOCKUPDATE:
System clock has been updated from 14:18:19 EDT
Wed Mar 18 2015 to 13:18:19 EDT Wed Mar 18
2015, configured from console by script on console.
ASR1001X#
--- 14:18:36 ---
.Dec 22 22:22:35.812: NTP message sent to
10.24.0.1, from interface 'GigabitEthernet0/0/0'
(10.21.0.110).
.Dec 22 22:22:35.812: NTP message received from
10.24.0.1 on interface 'GigabitEthernet0/0/0'
To Next Page
Loading...
Need help?
General
