Configure Accounting of EXEC and privilege-level command usage
The network access server monitors the accounting functions defined in the TACACS+ attribute/value
(AV) pairs.
In the following sample configuration, AAA accounting is set to track all usage of EXEC commands and
commands on privilege level 15.
FTOS(conf)#aaa accounting exec default start-stop tacacs+
FTOS(conf)#aaa accounting command 15 default start-stop tacacs+
System accounting can use only the default method list:
aaa accounting system default start-stop tacacs+
Configure AAA Accounting for terminal lines
Use the following commands to enable accounting with a named method list for a specific terminal line
(where com15 and execAcct are the method list names):
FTOS(config-line-vty)# accounting commands 15 com15
FTOS(config-line-vty)# accounting exec execAcct
Monitor AAA Accounting
FTOS does not support periodic interim accounting, because the
congestion when many users are logged in to the network.
No specific
show
information about users currently logged in, perform the following task in Privileged EXEC mode:
Command Syntax
show accounting
Figure 43-1. show accounting Command Example for AAA Accounting
FTOS#show accounting
Active accounted actions on tty2, User admin Priv 1
Task ID 1, EXEC Accounting record, 00:00:39 Elapsed, service=shell
Active accounted actions on tty3, User admin Priv 1
Task ID 2, EXEC Accounting record, 00:00:26 Elapsed, service=shell
FTOS#
command exists for TACACS+ accounting. To obtain accounting records displaying
Command Mode
CONFIGURATION
periodic
Purpose
Step through all active sessions and print all the accounting records
for the actively accounted functions.
command can cause heavy
Security | 879