Logging commands
If I don't have "aaa accounting command" set up, will I still be able to capture all the commands entered if I have my debug logging traps the value? that is, what is the significant difference between the two? Only two methods reached the same goal? Thank you!
No, the debugging will not record commands typed. Debugging loggera just about everything what ele and record a message saying that the device has been configured by xxx when you exit the config, but it shows all the commands. The only way I know to do is with aaa accounting.
-Eric
Tags: Cisco Security
Similar Questions
-
Hi guys, I m using ACS 3.3 version of windows, these are the commands
accounting AAA periodic update 1
AAA accounting exec default start-stop Ganymede group.
orders accounting AAA 15 by default start-stop Ganymede group.
but I m receive all connected show commands, I usually I record the show running, see commissioning, but no other show commands don't like to see memory int ip and others, what is the reason? How can I get orders exec connected?
Thank you
Françoise
The command that you have configured:
orders accounting AAA 15 by default start-stop Ganymede group.
will generate accounting entries for entered orders requiring level 15 privileges (such as show run, show early, etc) but don't generate accounting for orders requiring only level 1 privilege (such as sh ip int brief, etc.). If you also want these controls to generate accounting documents, then you must add this to your config:
orders accounting AAA 1 by default start-stop Ganymede group.
HTH
Rick
-
Cisco ACS 3.1 and Logging of Nortel Passport CLI commands
Good afternoon
We try to log commands CLI Cisco ACS version 3.1 of Nortel Passport 8600. The version of the code that runs on the Passport does not support Ganymede +.
Passports authenticate OK but don't sign any order information. I "think" the problem is maybe that the VSA Radius of Nortel for cli-commands-attribute, 195, is not collected by ACS.
Does anyone know how I would go to get this added to the existing list of Radius (Nortel) VSA?
Thank you very much
Kind regards
Flett.
Foisy,
You must add the attribute Nortel 193-195 to activate the posting of the order.
Unfortunately you can't download on code 3.x, you will need to upgrade acs to the 4.x code.
Kind regards
~ JG
Note the useful messages
-
Help with logs on Cisco router
First of all: if I'm in the wrong place, please let me know.
Question: I'm digging orders Cisco, but the help of Cisco, Googe, Yahoo Sites and other types of resources can not give me the answer I wanted.
Router: Cisco 7206VXR (NPE - G1) processor (revision C) with 983040K / 65536K bytes of memory.
My question is simple and pleasant: I need to learn from the history of the Interface of one of our routers and not being is not in the domain of Cisco for a few years I can't find command. If I can find a command that draws a complete history that would be great.
The commands I used:
history
history of show
car1. Ash #sh interfaces se1/0/23:0 history
^
Invalid entry % detected at ' ^' marker.car1. Ash #show interface se1/0/23:0 60 minutes story
^
Invalid entry % detected at ' ^' marker.I need to find the command that gives newspapers the following type:
00:00:46: % LINK-3-UPDOWN: Interface Port-Channel, 1 changed State to
00:00:47: % LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed State to
00:00:47: % LINK-3-UPDOWN: Interface GigabitEthernet0/2, changed State to
00:00:48: % LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, state change downstairs
00:00:48: % LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed
State down 2 * 1 Mar 18:46:11: % SYS-5-CONFIG_I: configured from console by vty2
(10.34.195.36)
18:47:02: % SYS-5-CONFIG_I: configured from console vty2 (10.34.195.36)
* 18:48:50.483 Mar 1 UTC: % SYS-5-CONFIG_I: configured from console vty2 (10.34.195.36)What you are looking for is not available using interface show orders but would be available using the show log command. You want something that could look like this
view Journal | include 1/0/23:0
Note that this is the search through the buffer of logging on the router. The amount of memory allocated to the record buffer and the volume of messages generated will determine how far back you can go. If the router sends syslog messages to a syslog server (or another feature of management that archive messages) then you can search the logs it and to go further back. Also note that the logging buffer is cleared when the router reloads.
HTH
Rick
-
AAA authorization and control logging show
Hello guys,.
I am running IOS 15 on some routers and using ACS version 5.3.0.40.5 for authentication and authorization.
I would like to have a group of users to not be able to access the configuration mode but deliver all show commands.
However, the show logging command doesn't seem to work in user mode.
Ideas or workarounds are welcome.
Thanks in advance.
Is your set command looks like him below listed link for read-only access
~ BR
Jatin kone* Does the rate of useful messages *.
-
How to turn Pix timestamp of the log messages in the buffer
How can I activate the timestamp of the log 'stamped' PIX messages? I activated the "record timestamp" command that generates timestamps for 'syslogd' messages but my messages saved in the buffer do not have a timestamp on them.
I'm running ver 6.2 (2) 'warnings of logging in buffered memory ".
Rgds tony
Unfortunately you don't have. As you have seen, the "horodateurs log" command the timestamps on the syslog messages, but still put on the console messages.
There is a bug already open about it, CSCdu18237. No word on when it will be resolved, however.
-
I'm trying to limit disk size space using the agent logs. I put the log command - limit disk space in the agent.properties of Pentecost a value of 1 (1 MB), but it does not work because I find the paper with a size greater than 1.
What is the problem with that? How the command log - limit disk space?
Journal-disk-space-limit is the maximum size in MB of all * idle * combined log files. If it does not apply to the current active log file. You will need to use this setting in combination with log-file-size limit, which limits the size of the active log file. When a log file reaches this limit, it is closed and the rolls in a new log file logging. The log of old, inactive file begins to account against the limit set by journal - limit disk space.
-
How to resize the log files pending? or it is synchronized from primary?
I changed the size of the log file primary db to 50 m to 200 m.
I wonder if I should do it on the backup site?
I tried, and it doesn't seem to work on the backup site:
SQL > select group # thread #, status, bytes/1024/1024 of the journal of v$.
GROUP # THREAD # STATUS BYTES/1024/1024
---------- ---------- ---------------- ---------------
1 1 50 COMPENSATION
2 1 50 COMPENSATION
3 2 COMPENSATION 50
4 2 50 CURRENT
5 1 COMPENSATION 50
6 2 COMPENSATION 50
15 1 200 UNUSED
16 1 200 UNUSED
17 2 200 UNUSED
18 2 200 UNUSED
10 selected lines.
SQL > alter database drop logfile Group 1;
change the database drop 1 log file group
*
ERROR on line 1:
ORA-01624: log 1 necessary for instance REMEPRDS1 (1 wire) crash recovery
ORA-00312: thread 1 1 online journal:
"+ DAT/prds/onlinelog/group_1.961.793523169".
ORA-00312: thread 1 1 online journal:
"+ FRA/prds/onlinelog/group_1.5605.793523169".
SQL > alter system switch logfile;
alter system switch logfile
*
ERROR on line 1:
ORA-16000: database opened for read-only access
SQL > alter system switch logfile;
alter system switch logfile
*
ERROR on line 1:
ORA-16000: database opened for read-only access
SQL > /.
alter system switch logfile
*
ERROR on line 1:
ORA-16000: database opened for read-only access
SQL > alter database drop logfile Group 1;
change the database drop 1 log file group
*
ERROR on line 1:
ORA-01624: log 1 necessary for instance PRDS1 (1 wire) crash recovery
ORA-00312: thread 1 1 online journal:
"+ DAT/prds/onlinelog/group_1.961.793523169".
ORA-00312: thread 1 1 online journal:
"+ FRA/prds/onlinelog/group_1.5605.793523169".
SQL >
Please help me out here.
Thank youHello
Even if you add standby or online redo log files or even if you resize down and re-create redo log files, they will not be created on the standby database. It is instance specific.
Let all the restore, the MRP will cancel out.
And then let fall, add standby redo log files, I think that you need to the MANUAL upgrade standby_file_management before adding new files of newspapers waiting for redo. And do not forget to undo file management the AUTO value again after the execution of the changes.And you train to make the journal command pending, it applies only on the primaries because the log command can only be performed on the database that uses online redo log files. Even if you open databases Eve with recovery that no recovery will be generated as a result no switch journal is allowed too.
-
Create the catalog command: connect to the target / or catalog /?
Hi all
I created an instance of database, rmancat, to be my instance of catalog.
I am about to connect and run the create_catalog command, but I'm confused on how to connect.
I connect to the target or catalog in the RMAN log command?
export ORACLE_SID = rmancat
I have to do
RMAN target /.
or
sys@rmancat catalog RMAN
Thanks in advance,
CayenneNeither.
Connect to the owner of the recovery catalog database.
CREATE TABLESPACE CATALOGUE "CATALOGUE".
Source - Guide to backup and recovery - "Running the CREATE CATALOG command"
Example of
RMAN> connect catalog rmancat/password@ORAL; RMAN> create catalog tablespace "CATALOG"; (Only needs to be run if this is the first database to be added)USER = rmancat (owner of schmea for the catalog)
PASSWORD = password for owner of catalog schema
Basis of DATA = ORCL (change to your database catalog name)Best Regards mseberg -
Switch log and checkpoint - Oracle 11 g
Hello
I read documentation and the forum, but I can't find a clean explanation. I would like to ask - point past trigger Journal? I heard, to 8i point version control does not occur on log command, but can not find information
in the documentation.
Thanks awfully for help.
ConcerningThis can help...
http://download.Oracle.com/docs/CD/E11882_01/server.112/e16508/startup.htm#CNCPT89045
-
Log FTP of Dreamweaver CS4 is not accessible
Hello
I'm not an expert in Dreamweaver to apolgies if this is a silly question, just googling and pasted on it all night...
I can't open the site FTP log. When I select the 'Site Files' view and "Log FTP Site" options are silent on.
I want to run a CHMOD on a .pl script which I am downloading. I don't know that I've done it before entering "site CHMOD 755/file.pl" in the section of the Site FTP log command. But for some reason any I can't seem to him now.
Anyone know why that I have to change some settings or something?
Any help much appreciated.
Thank you
Kate
Hi, Kate
In DW window 'Files', select 'Remote server', then click "connects to the remote host", right-click your "file.pl" and click on "Set permissions" the "File properties" box opens, click on the "Run all" button and then 'OK' and then CHMOD 755 will be applied.
Hope this helps? x
-
Redlogfile size is 16 MB and generating the archivelog file size is approximately 10 Mb. what could be the reason?
Oracle Version: 10.2.0.4
OS: Windows
Published by: Deccan charger 19 April 2010 23:31First of all:
a redo log contains a lot of things necessary for instance etc. recovery an archived log is used only for the restorations - he didn't need all the stuff that is in a redo log, so when written CRA the archiving log that he does not write all knowledge, all that is required for restores
Second:
Archive logs is created with dimensions smaller, irregular, as the original redo logs. Why? [388627.1 ID]
--------------------------------------------------------------------------------
Last updated 2 June 2007 Type status MODERATE HOWTO
In this Document
Goal
Solution
References--------------------------------------------------------------------------------
This document is available to you through process of rapid visibility (RaV) of the Oracle's Support and therefore was not subject to an independent technical review.
Applies to:
Oracle Server - Enterprise Edition - Version: 8.1.7.4 to 11.1
Information in this document applies to any platform.Goal
Archive logs is created with dimensions smaller, irregular, as the original redo logs.
Commands like:
ALTER SYSTEM SWITCH LOGFILE
or
ALTER SYSTEM ARCHIVE LOG...
are not used to generate archives or change the log file. Thus, there is no parameter ARCHIVE_LAG_TARGET set.
What else could cause this behaviour?
Solution
From:
Bug: 5450861: NEWSPAPERS ARCHIVE IS GENERATED with one SIZE SMALLER THAN THE REDO LOG FILES
the explanation of this situation has 2 main reasons:
1 archiving logs do not have to be in the same size. This was decided very long ago, when blank padding archiving logs stopped for a very good reason - in order to save disk space.2. the log command does not exist when a redo log file is 100% full. There is an internal algorithm that determines when to switch journal. It also has a very good reason - do the command of newspaper at the last moment may incur performance problems (for various reasons, outside the scope of this note).
So, after that newspaper ordering occurs the archivers are only copying the information from the redo log files. As recovery logs are not 100% full after the command to log and archive logs are empty not filled after the copy operation is complete, this results in unequal files smaller than the original of redo log files.
This is very apparent for very low (less than 10 MB) log files; as a result, produced 2.5 MB archive logs of 5 MB recovery logs are very visible.
Just note that currently, the default log files are 100 MB in size. If the archives log files would be between 98 and 100 MB person would notice.
The main concern that one must have for newspapers of archives files is a possible corruption. This can be easily verified by attempting a resumption of testing. When it's ok, the size of the log archive uneven should be of no interest, as is expected. -
RMAN alert log Message: ALTER SYSTEM ARCHIVE LOG
Creates a new database Oracle 10.2.0.4 and now see "ALTER SYSTEM ARCHIVE LOG" in the journal of the alerts that when online RMAN backup is executed:
Wed Sep 26 21:52:03 2009
ALTER SYSTEM ARCHIVE LOG
Wed Sep 26 21:52:03 2009
Thread 1 Advanced to record the sequence of 35 (switch LGWR)
Currently Journal # 2 seq # 35 mem # 0: /u01/app/oracle/oradata/aatest/redo02.log
Currently Journal # 2 seq # 35 mem # 1: /u03/oradata/aatest/redo02a.log
Wed Sep 26 21:53:37 2009
ALTER SYSTEM ARCHIVE LOG
Wed Sep 26 21:53:37 2009
Thread 1 Advanced to record the sequence of 36 (switch LGWR)
Currently Journal # 3 seq # 36 mem # 0: /u01/app/oracle/oradata/aatest/redo03.log
Currently Journal # 3 seq # 36 mem # 1: /u03/oradata/aatest/redo03a.log
Wed Sep 26 21:53:40 2009
From control autobackup
Autobackup written control disk device
handle ' / u03/exports/backups/aatest/c-2538018370-20090826-00'.
I not publish a swiitch log command. The RMAN commands, I am running are:
CONFIGURE REDUNDANCY 2 RETENTION STRATEGY;
CONFIGURE CONTROLFILE AUTOBACKUP ON;
CONFIGURE CONTROLFILE AUTOBACKUP FORMAT for DEVICE TYPE DISK TO ' / u03/exports/backups/aatest/%F';
SET UP THE DEVICE TYPE DISK TYPE OF BACKUP TO COMPRESSED BACKUPSET;
CONFIGURE CHANNEL DEVICE TYPE DISK FORMAT ' / u03/exports/backups/aatest/%d_%U';
BACKUP DATABASE MORE ARCHIVELOG;
DELETE NOPROMPT OBSOLETE;
DELETE NOPROMPT ARCHIVELOG UNTIL ' SYSDATE-2';
I do not see this message on any other 10.2.0.4 instances. Someone has seen this and if yes why it shows in the log?
Thank you
Curt SwartzlanderThere is no problem with the log command. Please refer to the documentation for more information on the syntax 'PLUS ARCHIVELOG '.
http://download.Oracle.com/docs/CD/B19306_01/backup.102/b14192/bkup003.htm#sthref377
Adding BACKUP... MORE ARCHIVELOG causes RMAN, follow these steps:
* 1. Executes the ALTER SYSTEM ARCHIVE LOG CURRENT command.*
* 2. All runs THE BACKUP ARCHIVELOG. Note that if backup optimization is enabled, then RMAN passes the newspapers that he has already saved to the specified device
* 3. Backup the rest of the files specified in BACKUP command.*
* 4. Executes the ALTER SYSTEM ARCHIVE LOG CURRENT command.*
* 5. Backup of all remaining archived logs generated during the backup.*
This ensures that backups of data taken when the command file is recoverable in a consistent state.
-
HP 810 G3 revolution: HP revolve 810 G3 impossible to image,.
Try to image the G3 810 via SCCM 2012r2, injected I217 Intel(r) connection Ethernet-LM c. 12.12.80.19 to support start-up, but every time I get "cannot find a valid network adapter."
Here's the smsts.log file:
[[ourceIdentified'] LOG]! >
Unspecified error (error: 80004005;) (Source: Windows)] LOG]! >
For more information, contact your system administrator or helpdesk operator.] JOURNAL]! >I have them form HP: http://h20564.www2.hp.com/hpsc/swd/public/detail?sp4ts.oid=7429243&swItemId=ob_147677_1&swEnvOid=4158
Once you download this, you can use winZip, 7Zip or your choioce of utility to decompress. Once unziped, there will be a setup.exe and a "Flat" folder Each (64/32 bit) operating system is in the flat files - divers only.
-
using the usb key in veristand
Hello
Use Embedded data logger custom peripheral in veristand we could record data to the tdms file format located in the "c:\logs" on RT PXI. If I want to access this file, I am the pxi start in windows and then I could only access the file for analysis. Its very difficult to access the file process because I have to start every time in windows mode. My qustion is can I connect the data on USB RT PXI controller instead of recording on HDD PXI RT as in cRIO, we give the path directly on the USB as «U:\»... » ? And another option to access the RT file on the host...?
The channel of "Order Log" command the save operation of data inside the integrated data logger. You can use this channel to open or close data files. Valid values are:
0: idle (no order)
1: open the file. Closes the previous file reference if it was open and opens a new file reference.
2: close the file. Close the reference of files without having to open a new file reference.
The Log command channel is reset to idle once the order is processed.
I address your requirement by writing regularly 1 on the control channel Log. You can do this with a combination of channels, alarm and calculated procedure. I do not expect the current file is available when you shut down the system down, that is only the second to last and previous newspapers will be valid. There are other ways to accomplish your condition, but it seems simple to me.
Steve K
Maybe you are looking for
-
The question is self-explanatory.
-
No option to save messages to iCloud?
Hello I thought you used to be able to choose if you want to save your messages to iCloud? Under settings > iCloud? The option is not there on my iPhone or iPad. My wife has been removed and a load of messages from my iPhone (I should never have gi
-
Update does not work after a clean install.
I had to do a clean reinstall windiws XP and now I can't use windows update
-
Very slow access to network between Windows 7 64 and XP 32 readers
Nice day Recently, we have replaced a dying man computer of Windows XP with a new Windows 7, i3, 4 GB RAM with full 100Mbit network card, which is operating quite smoothly. This computer has a very necessary shared folder, the folder F1000.dta for Ac
-
Hi allI want to connect the WLS AD, but I have the user name and group are not displayed in WLS. I created the new provider here is my setting of WLS and WLS.My new provider name is "Active Directory":Host: ip address of thePort: 389Main: CN = weblog