beautypg.com

Aaa accounting commands – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 1228

background image

AAA Commands

Software Reference for x310 Series Switches

45.6

AlliedWare Plus

TM

Operating System - Version 5.4.4C

C613-50046-01 REV A

aaa accounting commands

Use this command to configure and enable TACACS+ command accounting. When
command accounting is enabled, information about a command entered at a specified
privilege level on a device is sent to a TACACS+ server. To account for all commands
entered on a device you need to configure command accounting for each discrete
privilege level. A command accounting record includes the command as entered for the
specified privilege level, the date and time each command execution finished, and the
username of the user who executed the command.

This command creates a default method list that is applied to every console and vty line.
The stop-only parameter indicates that an accounting message is sent to the TACACS+
server when a command has stopped executing.

Note that up to four TACACS+ servers can be configured for accounting. The servers are
checked for reachability in the order they are configured and only the first reachable
server is used. If no server is found the accounting message is dropped.

Use the no variant of this command to disable command accounting.

Syntax

aaa accounting commands <1-15> default stop-only group tacacs+

no aaa accounting commands <1-15> default

Default

TACACS+ command accounting is disabled by default.

Mode

Global Configuration

Usage

When command accounting is enabled, the command as entered is included in the
accounting packets sent to the TACACS+ accounting server.

You cannot enable command accounting if a trigger is configured. An error message is
displayed if you attempt to enable command accounting and a trigger is configured.

The

show tech-support

command runs a number of commands and each command is

accounted separately.

When the copy <filename> running-config command is executed all the commands of a
configuration file copied into the running-config are accounted separately.

Examples

To configure command accounting for privilege level 15 commands, use the following
commands:

To disable command accounting for privilege level 15 commands, use the following
commands:

Parameter

Description

<1-15>

The privilege level, in the range 1 to 15.

awplus#

configure terminal

awplus(config)#

aaa accounting commands 15 default

stop-only

group tacacs+

awplus#

configure terminal

awplus(config)#

no aaa accounting commands 15 default

See also other documents in the category Allied Telesis Computer hardware: