Enterasys C3 Configuration Guide 19-1
19
Configuring System Logging
This chapter describes how to display and configure system logging, including Syslog server
settings, Syslog default settings, and the logging buffer. This chapter also includes information
about security audit logging.
About Security Audit Logging
Security audit logging provides a mechanism to generate a separate and secure log file, in
addition to the previously existing unsecured log file (“current.log”).
The secure permanent log file, named "secure.log," records security related events occurring on
the switch. The secure log file contains 1000 256-byte log entries and is managed as a circular list.
The “secure.log” file is stored in the secure/logs directory, which is only visible to and accessible
by super user accounts.
By default, security audit logging is disabled. Only a system administrator (super-user) may
enable the security audit logging function, and only a system administrator has the ability to
retrieve, copy, or upload the secure.log file. Security audit logging is enabled or disabled with the
command “set logging local” on page 19-11.
Security Events Logged
A new logging application identifier, "Security,” has been defined to specify the level of logging
desired. When "Security" is set to level 5, the following security audit logs will be generated:
• Logins and logouts
• Login failures
When "Security" is set to level 6, the following security audit logs will additionally be generated:
• Login banner acceptance
• Excessive logon attempts
• Remote system access
• Changes in privileges or security attributes
Note: An Enterasys Feature Guide document containing an in-depth discussion of Syslog
configuration is located on the Enterasys web site:
https://extranet.enterasys.com/downloads/
For information about... Refer to page...
About Security Audit Logging 19-1
Commands 19-3
To Next Page
Loading...
Need help?
General