beautypg.com

Cee audit logs, Table 13, Draft: brocade confidential – Brocade Communications Systems Converged Enhanced Ethernet 53-1002163-02 User Manual

Page 64

background image

42

Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

CEE audit logs

5

DRAFT: BROCADE CONFIDENTIAL

CEE audit logs

The CEE audit logs record all changes made by authorized users. This information is always
present, irrespective of the configuring entity. Because redundant configuration is not recorded,
only configuration changes that have resulted in some change in the running-config file on the
system are logged.

In addition to configuration commands, the copy and clear commands, which alter the system
state, are logged. On the local system, the logs are maintained in a circular buffer with a capacity of
256 entries. The audit log infrastructure of the Fabric OS is used here and the capacity of 256
entries is shared between the Fabric OS and CEE audit logs.

Table 3 shows the components of the CEE audit logs.

To configure CEE audit logs, perform these steps from the Fabric OS command shell.

1. CEE audit logging is disabled by default. It must be enabled explicitly by using the auditcfg

command from the Fabric OS shell. See the Fabric OS Command Reference Manual
Supporting Fabric OS v6.4.0 for details.

switch>auditcfg –-enable

2. The CEE audit logs belong to the CONFIGURATION class of audit logs. The filter for this class

must be enabled by using the auditcfg command from the Fabric OS shell. See the Fabric OS
Command Reference Manual Supporting Fabric OS v6.4.0 for details.

switch>auditcfg –-class 3

3. Activate privileged EXEC mode.

switch>cmsh
switch#enable
switch#

TABLE 13

Format of the CEE audit logs

Name

Example

Description

Timestamp

2009/05/12-21:25:57

Date and time at which the log was
generated

User

Root

User’s login name

Role

Root

User’s RBAC role

IP

10.2.2.47

IP address of the user’s computer

Session

telnet

The virtual console from which the
user executed the command

Hostname

EL34

Host name of the switch

Mode

Config

The configuration mode in which the
command was executed

Command

rmon event 15

The CLI command that altered the
configuration

See also other documents in the category Brocade Communications Systems Hardware: