Foundry Networks Switch and Router Installation And Configuration Manual page 267

The feature is enabled by default.
Examples of Syslog Messages for CLI Access
When a user whose access is authenticated by a local user account, a RADIUS server, or a TACACS/TACACS+
server logs into or out of the CLI's User EXEC or Privileged EXEC mode, the software generates a Syslog
message and trap containing the following information:
• The time stamp
• The user name
• Whether the user logged in or out
• The CLI level the user logged into or out of (User EXEC or Privileged EXEC level)
NOTE: Messages for accessing the User EXEC level apply only to access through Telnet. The device does not
authenticate initial access through serial connections but does authenticate serial access to the Privileged EXEC
level. Messages for accessing the Privileged EXEC level apply to access through the serial connection or Telnet.
The following examples show login and logout messages for the User EXEC and Privileged EXEC levels of the
CLI:
BigIron(config)# show logging
Syslog logging: enabled (0 messages dropped, 0 flushes, 0 overruns)
Buffer logging: level ACDMEINW, 12 messages logged
level code: A=alert C=critical D=debugging M=emergency E=error
I=informational N=notification W=warning
Static Log Buffer:
Dec 15 19:04:14:A:Fan 1, fan on right connector, failed
Dynamic Log Buffer (50 entries):
Oct 15 18:01:11:info:dg logout from USER EXEC mode
Oct 15 17:59:22:info:dg logout from PRIVILEDGE EXEC mode
Oct 15 17:38:07:info:dg login to PRIVILEDGE EXEC mode
Oct 15 17:38:03:info:dg login to USER EXEC mode
Syntax: show logging
The first message (the one on the bottom) indicates that user "dg" logged in to the CLI's User EXEC level on
October 15 at 5:38 PM and 3 seconds (Oct 15 17:38:03). The same user logged into the Privileged EXEC level
four seconds later.
The user remained in the Privileged EXEC mode until 5:59 PM and 22 seconds. (The user could have used the
CONFIG modes as well. Once you access the Privileged EXEC level, no further authentication is required to
access the CONFIG levels.) At 6:01 PM and 11 seconds, the user ended the CLI session.
Disabling the Syslog Messages and Traps
Logging of CLI access is enabled by default. If you want to disable the logging, use the following method.
USING THE CLI
To disable logging of CLI access, enter the following commands:
BigIron(config)# no logging enable user-login
BigIron(config)# write memory
BigIron(config)# reload
Syntax: [no] logging enable user-login
USING THE WEB MANAGEMENT INTERFACE
You cannot disable logging of CLI access using the Web management interface.
December 2000
Configuring Basic Features
10 - 9