log-admin-audit-modify

This command is used to enable the collection of Netvisor auditing logs.

Syntax   log-admin-audit-modify disable|enable

Defaults   Disabled

Access   CLI

History   

Version 2.5

Command introduced.

Version 3.1.0

Command deprecated.

Version 5.1.0

Command re-added.

Usage   Use this command to enable the collection of Netvisor auditing logs.

Examples  To enable the feature, use the following syntax:

CLI network-admin@switch > log-admin-audit-modify enable

log-admin-audit-show

This command is used to display auditing functionality.

Syntax   log-admin-audit-show

Defaults   Disabled

Access   CLI

History   

Version 2.5

Command introduced.

Version 3.1.0

Command deprecated.

Usage   Use this command to display auditing functionality.

Examples  To display auditing functionality, use the following syntax:

CLI network-admin@switch > log-admin-audit-show

log-audit-exception-create

This command is used to control which CLI, shell and vtysh commands are subject to auditing. If a command is subject to auditing, the command is logged in the audit log and sent to the TACACS+ server as authorization and accounting messages.

Syntax   log-audit-exception-create


cli|shell|vtysh

Specify the type of audit exception

pattern pattern-string

Specify a regular expression to match exceptions.

any|read-only|read-write

Specify the access type to match exceptions

scope local|fabric

Specify the scope of exceptions.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 2.6.0.

Usage   Use this command to create a log audit exception for TACACS+.

Examples  To create a log audit exception, use the following syntax:

CLI network-admin@switch > log-audit-exception-create

log-audit-exception-delete

This command is used to control which CLI, shell and vtysh commands are subject to auditing. If a command is subject to auditing, the command is logged in the audit log and sent to the TACACS+ server as authorization and accounting messages.

Syntax   log-audit-exception-delete cli|shell|vtysh pattern pattern-string any|read-only|read-write


cli|shell|vtysh

Specify the type of audit exception

pattern pattern-string

Specify a regular expression to match exceptions.

any|read-only|read-write

Specify the access type to match exceptions

Defaults   None

Access   Network Administrator

History   Command introduced in Version 2.6.0.

Usage   Use this command to delete a log audit exception..

Examples  To delete a log audit exception, use the following syntax:

CLI network-admin@switch > log-audit-exception-delete

log-audit-exception-show

This command is used to control which CLI, shell and vtysh commands are subject to auditing. If a command is subject to auditing, the command is logged in the audit log and sent to the TACACS+ server as authorization and accounting messages.

Syntax   log-audit-exception-show cli|shell|vtysh pattern pattern-string any|read-only|read-write scope local|fabric


cli|shell|vtysh

Specify the type of audit exception

pattern pattern-string

Specify a regular expression to match exceptions.

any|read-only|read-write

Specify the access type to match exceptions

scope local|fabric

Specify the scope of exceptions.

Defaults   None

Access   Network Administrator

History   Command introduced in Version 2.6.0.

Usage   Use this command to display information about log audit exceptions.

Examples  To display information about log audit exceptions, use the following syntax:

CLI network-admin@switch > log-audit-exception-show

log-alert-show

This command displays information about the log alerts on the switch.

Syntax   log-alert-show

time date/time: yyyy-mm-ddThh:mm:ss]

Displays the timestamp for the log file.

start-time date/time: yyyy-mm-ddThh:mm:ss

Displays the start time for the log file.

end-time date/time: yyyy-mm-ddThh:mm:ss

Displays the end time for the log file.

duration duration: #d#h#m#s

Displays the duration of the log file.

interval duration: #d#h#m#s

Displays the intervals that alerts occurred in the duration.

since-start

Displays alerts collected from the start.

older-than duration: #d#h#m#s

Displays alerts older than the duration.

within-last duration: #d#h#m#s

Displays alerts collected within the last duration.

switch node name

Displays the name of the switch collecting the alert data.

code code-number

Displays the code number of the alert.

name name-string

Displays the program name.

Defaults   None

Access   CLI

History   Command introduced in Version 2.0.

Usage   Use this command to display information about the alert log.

Examples  To display information about log alerts, use the following command:

CLI network-admin@switch > log-alert-show

No problems found

log-audit-show

This command displays information about the log audit configuration.

Syntax   log-audit-show

Specify between 0 and 2 of the following options:

start-time date/time: yyyy-mm-ddThh:mm:ss

Specifies the start time for the audit log.

end-time date/time: yyyy-mm-ddThh:mm:ss

Specifies the end time for the audit log.

duration duration: #d#h#m#s

Specifies the duration of the audit log.

Specify any of the following options:

program program-string

Specifies the program type.

pid pid-number

Specifies the product indentifiier.

name name-string

Specifies the name to match.

code code-number

Specifies the code number.

vnet vnet-name

Specifies the name of the virtual network.

remote_switch node name

Specifies the name of the remote switch.

user user-name

Spcifies the username.

client-pid client-pid-number

Specifies the client program identifier.

client-addr ip-address

Specifies the client IP address.

port port-number

Specifies the port number.

vlan vlan-id

Specifies the VLAN identifier.

vxlan vxlan-name

Specifies the VXLAN identifier.

count number

Displays the count between 1 and 50000.

starting-point starting-point-number

Specifies the starting point of the log audit.

length length-number

Specifies the length of the log audit.

reverse|no-reverse

Specifies if the log is displayed in reverse or not.

Defaults   None

Access   CLI

History   

Version 1.2

Command introduced.

Version 2.2

The parameters, starting-point, length and reverse added.

Version 2.2.5

The IP address is logged as part of a user login event.

Usage   Use this command to display information about the audit log.

Examples  To display information about log audits, use the following command:

CLI network-admin@switch > log-audit-show

CLI (network-admin@pleiades25) > log-audit-show layout vertical

length:         1628527

category:       audit

time:           2015-04-22,07:59:08.947601-07:00

switch:         pubdev01

program:        nvOSd

pid:            1242

name:           xact_command

code:           11101

remote_switch:  pubdev03

user:           network-admin

client-addr:    10.9.10.24

message:        Transaction command "vlan-create id 25 scope fabric stats" result success

starting-point: 8324

length:         1628813

category:       audit

time:           2015-04-22,08:08:32.577538-07:00

switch:         pubdev01

program:        nvOSd

pid:            1242

name:           user_command

code:           11001

user:           network-admin

client-pid:     5446

client-addr:    10.9.10.24

message:        Command "vlan-port-add vlan-id 25 ports 55 untagged" result success

starting-point: 8324

length:         1629091