Configure PacketShaper to review Administrative and Login Activity
search cancel

Configure PacketShaper to review Administrative and Login Activity


Article ID: 175082


Updated On:




You want to investigate any unusual activity on a PacketShaper (PS) such as an unauthorized login or configuration change.


PacketShaper doesn't have a separate log file to track all Administrative activities. However, PS does support the 'syslog' feature and that will allow you to save and review most Administrative activities if you have a 'syslog' server to receive the data.

For example:

If you have a 'syslog' server with IP address, you can use the following command to start sending logs from PS to that server:

setup syslog add host: output:local4,6 datetime


setup syslog state on

You can use the command:

setup syslog show

command to check the syslog configuration on PS, for example:

PacketShaper# setup syslog show
            Status: On
          Max Rate: 20
        Total Sent: 0
        Total Lost: 0

  Server Addr                    Facility                    Level
-------------------------------------------------------------------------------                      local4, 20                  info, 6


After configuring PS for 'syslog', PS will start sending log information to the 'syslog' server.

On the 'syslog' server you will see messages such as:

LOGIN- sshd Accepted ......... for touch from
LOGIN- sshd Failed ...............for invalid user touch2 from
AUDT - Unit Edited 4213300029- Set Inbound Link to 100M ..............
AUDT - Unit Edited 4213300029- Set Outbound Link to 100M ...............

which provides details about Administrative activity on the PacketShaper.