Name: Cisco ONS 15454 DWDM
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

13-8

Cisco ONS 15454 DWDM Reference Manual, R8.5

78-18343-02

Chapter 13 Security Reference

13.3 Audit Trail

The Cisco ONS 15454 maintains a Telcordia GR-839-CORE-compliant audit trail log that resides on the

TCC2/TCC2P card. Audit trails are useful for maintaining security, recovering lost transactions and

enforcing accountability. Accountability refers to tracing user activities; that is, associating a process or

action with a specific user. This record shows who has accessed the system and what operations were

performed during a given period of time. The log includes authorized Cisco logins and logouts using the

operating system command line interface, CTC, and TL1; the log also includes FTP actions, circuit

creation/deletion, and user/system generated actions.

Event monitoring is also recorded in the audit log. An event is defined as the change in status of an

element within the network. External events, internal events, attribute changes, and software

upload/download activities are recorded in the audit trail.

The audit trail is stored in persistent memory and is not corrupted by processor switches, resets or

upgrades. However, if a user pulls both TCC2/TCC2P cards, the audit trail log is lost.

13.3.1 Audit Trail Log Entries

Table 13-4 contains the columns listed in Audit Trail window.

Audit trail records capture the following activities:

• User—Name of the user performing the action

• Host—Host from where the activity is logged

• Device ID—IP address of the device involved in the activity

• Application—Name of the application involved in the activity

• Task—Name of the task involved in the activity (view a dialog box, apply configuration, and so on)

• Connection Mode—Telnet, Console, Simple Network Management Protocol (SNMP)

• Category—Type of change: Hardware, Software, Configuration

• Status—Status of the user action: Read, Initial, Successful, Timeout, Failed

• Time—Time of change

• Message Type—Denotes whether the event is Success/Failure type

• Message Details—Description of the change

Table 13-4 Audit Trail Window Columns

Heading Explanation

Date Date when the action occurred

Num Incrementing count of actions

User User ID that initiated the action

P/F Pass/Fail (whether or not the action was executed)

Operation Action that was taken

Cisco ONS 15454 DWDM Reference Manual

Other manuals for Cisco ONS 15454 DWDM