Administrator Guide

• the internal buer

• console and terminal lines

• any congured syslog servers

To disable logging, use the following commands.

• Disable all logging except on the console.

CONFIGURATION mode

no logging on

• Disable logging to the logging buer.

CONFIGURATION mode

no logging buffer

• Disable logging to terminal lines.

CONFIGURATION mode

no logging monitor

• Disable console logging.

CONFIGURATION mode

no logging console

Audit and Security Logs

This section describes how to congure, display, and clear audit and security logs.

The following is the conguration task list for audit and security logs:

• Enabling Audit and Security Logs

• Displaying Audit and Security Logs

• Clearing Audit Logs

Enabling Audit and Security Logs

You enable audit and security logs to monitor conguration changes or determine if these changes aect the operation of the system in the

network. You log audit and security events to a system log server, using the logging extended command in CONFIGURATION mode.

This command is available with or without RBAC enabled. For information about RBAC, see Role-Based Access Control.

Audit Logs

The audit log contains conguration events and information. The types of information in this log consist of the following:

• User logins to the switch.

• System events for network issues or system issues.

• Users making conguration changes. The switch logs who made the conguration changes and the date and time of the

change. However, each specic change on the conguration is not logged. Only that the conguration was modied is logged with the

user ID, date, and time of the change.

• Uncontrolled shutdown.

Security Logs

Management