Monitor another user on a Router or Switch

If two or more users are logged into a router or switch can you watch what they are typing and getting from show commands?

What commands would do that?
Dragon0x40Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

luc_roySystem AdminCommented:
If I understand you, you are wanting to see real time changes people are making to a including what they are looking at?

I am not aware of anything that can do what you are asking because the users actions in a router are not tracked unless they are applied to the configuration.

The best you can do is combine are few technologies together to get some of the results you want.
You can use Cisco AAA security to track when users are logged in and what they have access to.  Here is a good article on it (http://blogs.techrepublic.com.com/networking/?p=664)

For tracking revisions to the config in real time you can use several different tools.  I like Orion Network Configuration Management .  It’s a great way to track config changes, when they happen real time. Here is a blurb from the website

“Monitoring a network is easy. Isolating problems is tough. Fortunately, Orion NCM notifies you in real-time when configs change, helping you quickly determine which changes could potentially cause network issues. With Orion NCM, you’ll never have to guess who changed what and when as you troubleshoot that infamous user complaint: `the Internet is down.’ Plus, you can rest easy and save time with features like nightly config backups and bulk config changes!”

http://www.solarwinds.com/products/orion/configuration_manager/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
EDincerCommented:
Maybe You can try cisco lms application for auditing and it will show all changes in the configuration, user actions ..

You can download a trial version from cisco.com

 
0
Dragon0x40Author Commented:
thanks luc roy and EDincer,

Someone at work said they were watching me as a made a change to a router and I was wondering what they meant. Maybe I will ask!

Maybe show user to see if I am idle and when the idle timer goes to 0 then do a sh run and see what changed?

Unless you know what the planned changes are then it might be tough but I guess you could suck up the config into a text editor and use some kind of diff command to see the differences.
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

luc_roySystem AdminCommented:
Something like solar winds would tell them when you made a change.  It's just no live.  Also if someone says they are watching you it might be spyware or even a camera.
0
EDincerCommented:
The change audit application of Cisco LMS lets you track and report network changes.

The change audit log fo LMS contains all the change that inventory manager, software manager and configuration manager applications discover. Every time one of these LMS applications detects a change (syslog message,snmp trap ), it`s sends a change record to the change audit service with details who made the change (possible in combination with cisco AAA security), when the change occoured and what type of the change occoured.

You can set up a syslog configuration in the DFM module of LMS for the real time monitoring.
0
luc_roySystem AdminCommented:
if thye are using user base access, AAA or something like that.  but  again that is not a live feed, it is bases on when the changes are written to the router.
0
Dragon0x40Author Commented:
I will ask the guy I work with how he was monitoring what I was doing on the router.

I just thought maybe you could monitor another users session but apparently not.

Sometimes I try to figure things out on my own so I don't ask so many questions at work.
0
luc_roySystem AdminCommented:
it's the best way to do things, I always want to figure things out off site.

Good luck.
0
Dragon0x40Author Commented:
My colleague was connected to the same router I was via telnet and repeatedly running the "sh run" command and looking for the changes that I was putting into the router.

He could not see what I was typing at the cli.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Switches / Hubs

From novice to tech pro — start learning today.