Secure Switch Access
Page 8-10
Viewing Secure Access Violations Log
The seclog command displays a log of all secure access violations.
♦ Note ♦
To log access violations on the switch, use the
swlogc
command. For more information on the swlogc
command, see Chapter 10, “Switch Logging.”
To view the secure access violations log, enter
seclog
The following is a sample display:
Secure Access Violations Log
Slot/ Elapsed Time
Time Protocol Source IP Attempts Intf (secs)
------------------------ ------------- -------------- -------------- ------- -------------------
12:49:02 FTP 172.23.8.801 1 5/1 23
03:15:34 Telnet 198.20.2.101 10 2/3 240
Descriptions of the fields are as follows:
Time. The first time the access violation occurred.
Protocol. The IP protocol for which the violation occurred.
Source IP. The source IP address of the unauthorized user.
Attempts. The number of access attempts made by this user within the sample period (5
minutes).
Slot/Intf. The physical port that received the unauthorized user information.
Elapsed Time (secs). The duration (in seconds) from the first unauthorized access to the end of
the sampling period. Secure access violations will take 5 minutes to display in the log file.
