Builtin IOS logging capabilities

Wouldn’t it be nice to have a log of every command issued including the user that issued that command?

Cisco Documentation

It’s simple to configure:

Router(config)# archive
Router(config-archive)# log config (enters configuration log mode)
Router(config-archive-log-config)# logging enable (activates running configuration change logging)
Router(config-archive-log-config)# logging size 500 (logs the last 500 commands entered)
Router(config-archive-log-config)# hidekeys (hides passwords from logged)
Router(config-archive-log-config)# notify syslog (logs changes to syslog server *optional)

Example Output:

Router#show archive log config all
idx sess user@line Logged command
1 1 nate@vty0 | logging enable
2 1 nate@vty0 | logging size 500
3 1 nate@vty0 | hidekeys
4 1 nate@vty0 | notify syslog
5 1 nate@vty0 | notify syslog contenttype plaintext
6 1 nate@vty0 | exit
7 1 nate@vty0 | exit

Simple but useful IOS commands

I have run across these two commands and find them to be quite useful.

To replace the running config with a different config without having to reboot:

Router#configure replace tftp:old-config list

The list command at the end shows what is being changed in the running config as it is applied.

To set a command to it’s default “out of the box setting”:

Router(config)#default <parameter> (i.e. Router(config)#default hostname)

SRST incoming calls ring to different number

An H.323 gateway configured with the “connection plar” command to a directory number that can only be reached over the WAN can cause issues in the event that the WAN is down. The alias command under call-manager-fallback can re-direct calls during SRST operation. A sample config is as follows:

voice-port 0/1/0
connection plar 1000

alias 1 1000 to 1234 cfw 5551212 timeout 18

Incoming calls to port 0/1/0 while in SRST will ring to extension 1234 and after 18 seconds will call forward to 5551212. An appropriate H.323 dial-peer needs to be present to process 5551212