Audit And Security Logs - Dell S4820T Configuration Manual

Hide thumbs Also See for S4820T:

Table of Contents

no logging on

Disable logging to the logging buffer.

CONFIGURATION mode

no logging buffer

Disable logging to terminal lines.

CONFIGURATION mode

no logging monitor

Disable console logging.

CONFIGURATION mode

no logging console

Audit and Security Logs

This section describes how to configure, display, and clear audit and security logs.

The following is the configuration task list for audit and security logs:

Enabling Audit and Security Logs

Displaying Audit and Security Logs

Clearing Audit Logs

Enabling Audit and Security Logs

You enable audit and security logs to monitor configuration changes or determine if these changes affect

the operation of the system in the network. You log audit and security events to a system log server,

using the logging extended command in CONFIGURATION mode.

This command is available with or without RBAC enabled. For information about RBAC, see

The audit log contains configuration events and information. The types of information in this log consist

of the following:

User logins to the switch.

System events for network issues or system issues.

Users making configuration changes. The switch logs who made the configuration changes and the

date and time of the change. However, each specific change on the configuration is not logged. Only

that the configuration was modified is logged with the user ID, date, and time of the change.

Uncontrolled shutdown.

Security Logs

The security log contains security events and information. RBAC restricts access to audit and security logs

based on the CLI sessions' user roles. The types of information in this log consist of the following:

Establishment of secure traffic flows, such as SSH.