Foundry Configuration Guide for the FESX, FSX, and FWSX
3 - 6 © Foundry Networks, Inc. December 2005
Disabling Syslog Messages and Traps for CLI Access
Foundry devices send Syslog messages and SNMP traps when a user logs into or out of the User EXEC or
Privileged EXEC level of the CLI. The feature applies to users whose access is authenticated by an
authentication-method list based on a local user account, RADIUS server, or TACACS/TACACS+ server.
NOTE: The Privileged EXEC level is sometimes called the “Enable” level, because the command for accessing
this level is enable.
The feature is enabled by default.
Examples of Syslog Messages for CLI Access
When a user whose access is authenticated by a local user account, a RADIUS server, or a TACACS/TACACS+
server logs into or out of the CLI’s User EXEC or Privileged EXEC mode, the software generates a Syslog
message and trap containing the following information:
• The time stamp
• The user name
• Whether the user logged in or out
• The CLI level the user logged into or out of (User EXEC or Privileged EXEC level)
NOTE: Messages for accessing the User EXEC level apply only to access through Telnet. The device does not
authenticate initial access through serial connections but does authenticate serial access to the Privileged EXEC
level. Messages for accessing the Privileged EXEC level apply to access through the serial connection or Telnet.
The following examples show login and logout messages for the User EXEC and Privileged EXEC levels of the
CLI:
Syntax: show logging
The first message (the one on the bottom) indicates that user “dg” logged in to the CLI’s User EXEC level on
October 15 at 5:38 PM and 3 seconds (Oct 15 17:38:03). The same user logged into the Privileged EXEC level
four seconds later.
The user remained in the Privileged EXEC mode until 5:59 PM and 22 seconds. (The user could have used the
CONFIG modes as well. Once you access the Privileged EXEC level, no further authentication is required to
access the CONFIG levels.) At 6:01 PM and 11 seconds, the user ended the CLI session.
Disabling the Syslog Messages and Traps
Logging of CLI access is enabled by default. If you want to disable the logging, enter the following commands:
FESX424 Router(config)# no logging enable user-login
FESX424 Router(config)# write memory
FESX424 Switch(config)# show logging
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
Buffer logging: level ACDMEINW, 12 messages logged
level code: A=alert C=critical D=debugging M=emergency E=error
I=informational N=notification W=warning
Static Log Buffer:
Dec 15 19:04:14:A:Fan 1, fan on right connector, failed
Dynamic Log Buffer (50 entries):
Oct 15 18:01:11:info:dg logout from USER EXEC mode
Oct 15 17:59:22:info:dg logout from PRIVILEGE EXEC mode
Oct 15 17:38:07:info:dg login to PRIVILEGE EXEC mode
Oct 15 17:38:03:info:dg login to USER EXEC mode
To Next Page
Loading...
Need help?
General
