North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: [Activity logging & archiving tool]

  • From: Rachael Treu
  • Date: Wed Nov 26 03:43:18 2003

If ACS and CiscoWorks are too costly and CVS and RANCID too unwieldy, 
SourceForge has 2 alternatives that you might want to consider...

tool
  http://tool.sourceforge.net/

and NCAT
  http://ncat.sourceforge.net/

both of which can be sufficiently tweaked to meet your device audit needs.

(A SourceForge loyalist, but I'm a RANCID kind of girl, myself...)

And, of course, remember the least costly and most oft overlooked practice
of establishing solid policies.  Tools should be deployed to enforce a 
well-defined policy, including guidelines and procedures laying down the law 
when it comes to change management and change control of production devices.  
You mentioned an outlet for _manual_ recording/documentation of laying on 
of hands befalling the nodes, so define a must-have and must-do list 
holding dominion over such activity, requiring that appropriate backups
occur, backouts are ready to go when things burst into flames, and that
all work be delineated and documented explicitly ex post facto.  

Then, sit back and enjoy the grumbling of your paperwork-hating 
associates, and be prepared to crack skulls if they flake on updating the 
change control machanisms, as set forth in the unbudging monolith that is 
your change management policy.

Still liking TACACS-RANCID though, as you can lead a horse to water, but 
you can't make him think...

--ra

On Tue, Nov 25, 2003 at 03:54:34PM -0700, guy said something to the effect of:
> 
> 
> Don't forget that TACACS can log all commands entered into a router. When
> used in combination with rancid and cvs/cvs-web, it's very useful.
> 
> > I'm looking for a simple tool, in which each and every one has to
> > manually record whatever (s)he has done or any incident (s)he observed
> > so that the tool archives that data someway. Later, in case if someone
> > needs, (s)he should be able to search for that archive by date, by
> > person, by a random phrase, etc.
> 
> rancid (http://www.shrubbery.net/rancid) and
> cvs-web (http://stud.fh-heilbronn.de/~zeller/cgi/cvsweb.cgi/)

-- 
K. Rachael Treu, CISSP     rara at navigo dot com
..sic itur ad astra..