Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

To disable logging, use the following commands.

• Disable all logging except on the console.

CONFIGURATION mode

no logging on

• Disable logging to the logging buffer.

CONFIGURATION mode

no logging buffer

• Disable logging to terminal lines.

CONFIGURATION mode

no logging monitor

• Disable console logging.

CONFIGURATION mode

no logging console

Audit and Security Logs

This section describes how to configure, display, and clear audit and security logs.

The following is the configuration task list for audit and security logs:

• Enabling Audit and Security Logs

• Displaying Audit and Security Logs

• Clearing Audit Logs

Enabling Audit and Security Logs

You enable audit and security logs to monitor configuration changes or determine if these changes affect the operation of the system in

the network. You log audit and security events to a system log server, using the logging extended command in CONFIGURATION

mode. This command is available with or without RBAC enabled. For information about RBAC, see Role-Based Access Control.

Audit Logs

The audit log contains configuration events and information. The types of information in this log consist of the following:

• User logins to the switch.

• System events for network issues or system issues.

• Users making configuration changes. The switch logs who made the configuration changes and the date and time of the

change. However, each specific change on the configuration is not logged. Only that the configuration was modified is logged with the

user ID, date, and time of the change.

• Uncontrolled shutdown.

Security Logs

The security log contains security events and information. RBAC restricts access to audit and security logs based on the CLI sessions’ user

roles. The types of information in this log consist of the following:

• Establishment of secure traffic flows, such as SSH.

• Violations on secure flows or certificate issues.

• Adding and deleting of users.

• User access and configuration changes to the security and crypto parameters (not the key information but the crypto configuration)

Important Points to Remember

When you enabled RBAC and extended logging:

• Only the system administrator user role can execute this command.

• The system administrator and system security administrator user roles can view security events and system events.

• The system administrator user roles can view audit, security, and system events.

• Only the system administrator and security administrator user roles can view security logs.

• The network administrator and network operator user roles can view system events.

NOTE:

If extended logging is disabled, you can only view system events, regardless of RBAC user role.

56 Switch Management