Preview Tool

Cisco Bug: CSCvs56655 - NXAPI needs to allow for audit level logging

Last Modified

Jan 03, 2020

Products (1)

  • Cisco MDS 9000 Series Multilayer Switches

Known Affected Releases

6.2(23) 8.4(2)

Description (partial)

Currently the MDS platform does not provide users the ability to track AAA events for NXAPI. This could be considered a security risk.

Customers should have the option to set the logging level similar to the following:
naxpi logging level 6 at a minimum it should include Authentication Requests, especially unsuccessful attempts
nxapi logging level 7 should display nginx information similar to access.log & error.log type output 
nxapi logging level 7 would be nice to know which cli commands are being issued

These events could be stored in either the existing `show logging log` and `show accounting log` or creating a separate `show nxapi logging log` and `show nxapi accounting log`. These logs would fulfill the requirement to track NXAPI events.

feature nxapi is enabled
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.