Administrator Guide

Pre-requisites
To configure a secure connection from the switch to the syslog server:
1. On the switch, enable the SSH server
DellEMC(conf)#ip ssh server enable
2. On the syslog server, create a reverse SSH tunnel from the syslog server to the Dell OS switch, using the following syntax:
ssh -R <remote port>:<syslog server>:<syslog server listen port> user@remote_host -nNf
In the following example, the syslog server IP address is 10.156.166.48 and the listening port is 5141. The switch IP
address is 10.16.131.141 and the listening port is 5140.
ssh -R 5140:10.156.166.48:5141 admin@10.16.131.141 -nNf
3. Configure logging to a local host. localhost is 127.0.0.1 or ::1.
If you do not, the system displays an error when you attempt to enable role-based only AAA authorization.
DellEMC(conf)# logging localhost tcp port
DellEMC(conf)#logging 127.0.0.1 tcp 5140
Sending System Messages to a Syslog Server
To send system messages to a specified syslog server, use the following command. The following syslog standards are
supported: RFC 5424, The Syslog Protocol (R. Gerhards, Adiscon GmbH, March 2009), which obsoletes RFC 3164, and RFC 5426,
Transmission of Syslog Messages over UDP.
Specify the server to which you want to send system messages. You can configure up to eight syslog servers.
CONFIGURATION mode
logging {ip-address | ipv6-address | hostname} {{udp {port}} | {tcp {port}}}
You can export system logs to an external server that is connected through a different VRF.
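The following check is an added example, not part of the Dell EMC guide: it audits a saved switch configuration against the tunnel procedure and the logging syntax above, separating destinations that the reverse SSH tunnel can carry (TCP to 127.0.0.1 or ::1) from those that leave the switch outside it. It assumes configuration lines appear in the same form as the commands on this page; the function names and the sample configuration are constructed for illustration.

```python
import ipaddress
import re

# Form given on this page: logging {ip-address | ipv6-address | hostname} {udp | tcp} {port}
LOGGING_RE = re.compile(r"^logging\s+(\S+)\s+(udp|tcp)\s+(\d+)\s*$", re.IGNORECASE)
MAX_SERVERS = 8  # the page states that up to eight syslog servers can be configured


def is_loopback(dest):
    """True for 127.0.0.1, ::1 or the literal name localhost."""
    if dest.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(dest).is_loopback
    except ValueError:
        return False  # a hostname other than localhost


def audit_logging(config_text):
    """Return (tunnelled, untunnelled, warnings) for a saved configuration."""
    tunnelled, untunnelled, warnings = [], [], []
    ssh_enabled = False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.lower() == "ip ssh server enable":
            ssh_enabled = True
        m = LOGGING_RE.match(line)
        if not m:
            continue  # other logging commands are out of scope for this check
        entry = (m.group(1), m.group(2).lower(), int(m.group(3)))
        # SSH port forwarding carries TCP only, so only TCP to loopback can use the tunnel.
        if is_loopback(entry[0]) and entry[1] == "tcp":
            tunnelled.append(entry)
        else:
            untunnelled.append(entry)
    if tunnelled and not ssh_enabled:
        warnings.append("loopback logging is configured but 'ip ssh server enable' is missing")
    if len(tunnelled) + len(untunnelled) > MAX_SERVERS:
        warnings.append("more than %d syslog servers are configured" % MAX_SERVERS)
    return tunnelled, untunnelled, warnings


# Constructed sample configuration (not taken from a real device).
SAMPLE = "ip ssh server enable\nlogging 127.0.0.1 tcp 5140\nlogging 10.156.166.48 udp 514\n"

if __name__ == "__main__":
    print(audit_logging(SAMPLE))
```

Any entry in the second list is sent outside the SSH tunnel and is worth reviewing against the intended logging design.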
Track Login Activity
Dell EMC Networking OS enables you to track the login activity of users and view the successful and unsuccessful login events.
When you log in using the console or VTY line, the system displays the last successful login details of the current user and the
number of unsuccessful login attempts since your last successful login to the system, and whether the current user's
permissions have changed since the last login. The system stores the number of unsuccessful login attempts that have occurred
in the last 30 days by default. You can change the default value to any number of days from 1 to 30. By default, login activity
tracking is disabled. You can enable it using the login statistics enable command from the configuration mode.
Restrictions for Tracking Login Activity
These restrictions apply for tracking login activity:
Only the system and security administrators can configure login activity tracking and view the login activity details of other
users.
Login statistics is not applicable for login sessions that do not use user names for authentication. For example, the system
does not report login activity for a telnet session that prompts only a password.