Filter
Top Products
Alteon OS Application Guide
50
Chapter 1: Accessing the Switch 42C4911, January 2007
Accounting
Accounting is the action of recording a user's activities on the device for the purposes of billing
and/or security. It follows the authentication and authorization actions. If the authentication
and authorization is not performed via TACACS+, there are no TACACS+ accounting mes-
sages sent out.
You can use TACACS+ to record and track software logins, configuration changes, and inter-
active commands.
The GbE Switch Module supports the following TACACS+ accounting attributes:
protocol (console/telnet/ssh/http)
start_time
stop_time
elapsed_time
disc-cause
NOTE – When using the Browser-Based Interface, the TACACS+ Accounting Stop records are
sent only if the Quit button on the browser is clicked.
Command Authorization and Logging
When TACACS+ Command Authorization is enabled (/cfg/sys/tacacs/cauth ena),
Alteon OS configuration commands are sent to the TACACS+ server for authorization. When
TACACS+ Command Logging is enabled (/cfg/sys/tacacs/clog ena), Alteon OS
configuration commands are logged on the TACACS+ server.
The following examples illustrate the format of Alteon OS commands sent to the TACACS+
server:
authorization request, cmd=cfgtree, cmd-arg=/cfg/l3/if
accounting request, cmd=/cfg/l3/if, cmd-arg=1
authorization request, cmd=cfgtree, cmd-arg=/cfg/l3/if/ena
accounting request, cmd=/cfg/l3/if/ena
authorization request, cmd=cfgtree, cmd-arg=/cfg/l3/if/addr
accounting request, cmd=/cfg/l3/if/addr, cmd-arg=10.90.90.91
authorization request, cmd=apply
accounting request, cmd=apply