20-8
Cisco ONS 15454 DWDM Installation and Operations Guide, R6.0
August 2005
Chapter 20 Security Reference
20.3.2 Audit Trail Capacities
Audit trail records capture the following activities:
• User—Name of the user performing the action
• Host—Host from where the activity is logged
• Device ID—IP address of the device involved in the activity
• Application—Name of the application involved in the activity
• Task—Name of the task involved in the activity (view a dialog box, apply configuration, and so on)
• Connection Mode—Telnet, Console, Simple Network Management Protocol (SNMP)
• Category—Type of change: Hardware, Software, Configuration
• Status—Status of the user action: Read, Initial, Successful, Timeout, Failed
• Time—Time of change
• Message Type—Denotes whether the event is Success/Failure type
• Message Details—Description of the change
20.3.2 Audit Trail Capacities
The system is able to store 640 log entries.When this limit is reached, the oldest entries are overwritten
with new events. When the log server is 80 percent full, an AUD-LOG-LOW condition is raised and
logged (by way of Common Object Request Broker Architecture [CORBA]/CTC).
When the log server reaches a maximum capacity of 640 entries and begins overwriting records that were
not archived, an AUD-LOG-LOSS condition is raised and logged. This event indicates that audit trail
records have been lost. Until the user off-loads the file, this event occurs only once regardless of the
amount of entries that are overwritten by the system. See the “NTP-G109 Off-Load the Audit Trail
Record” procedure on page 13-16 for more information.
20.4 RADIUS Security
Superusesr can configure nodes to use Remote Authentication Dial In User Service (RADIUS)
authentication. RADIUS uses a strategy known as authentication, authorization, and accounting (AAA)
for verifying the identity of, granting access to, and tracking the actions of remote users. See the
“DLP-G281 Configure the Node for RADIUS Authentication” task on page 10-55as needed.
Table 20-4 Audit Trail Window Columns
Heading Explanation
Date Date when the action occurred
Num Incrementing count of actions
User User ID that initiated the action
P/F Pass/Fail (whether or not the action was executed)
Operation Action that was taken
To Next Page
Loading...
