Guest

Preview Tool

Cisco Bug: CSCvs56655 - NXAPI needs to allow for audit level logging

Last Modified

Jan 03, 2020

Products (1)

  • Cisco MDS 9000 Series Multilayer Switches

Known Affected Releases

6.2(23) 8.4(2)

Description (partial)

Symptom:
Currently the MDS platform does not provide users the ability to track AAA events for NXAPI. This could be considered a security risk.

Customers should have the option to set the logging level similar to the following:
naxpi logging level 6 at a minimum it should include Authentication Requests, especially unsuccessful attempts
nxapi logging level 7 should display nginx information similar to access.log & error.log type output 
nxapi logging level 7 would be nice to know which cli commands are being issued

These events could be stored in either the existing `show logging log` and `show accounting log` or creating a separate `show nxapi logging log` and `show nxapi accounting log`. These logs would fulfill the requirement to track NXAPI events.


Conditions:
feature nxapi is enabled
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.