[RADIATOR] How to log authorizations of user commands?
patrik.forsberg at ip-only.se
Tue Aug 27 06:57:35 UTC 2019
Well.. I don't use success/fail logs for that but rather accounting - which can be done to ether a file or database, it does put demand on the client router/switch that it actually sends accounting details tho - but if you're using tacacs++ that's likely not an issue as most devices I've hit so far does that innate.
It is also, kind of, logged in the radiator logfile but I'd say it's safer to get it from accounting.
From: radiator <radiator-bounces at lists.open.com.au> On Behalf Of BeheerInfra-OT at kpn.com
Sent: den 26 augusti 2019 11:04
To: radiator at lists.open.com.au
Cc: BeheerInfra-OT at kpn.com
Subject: [RADIATOR] How to log authorizations of user commands?
Hello Patrick and Hugh,
Sorry for the late reply. I was on a short vacation.
What I miss in the examples that you gave is the capture of the Cisco IOS commands in the authorization logging.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the radiator