INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

Monitoring access

Monitoring access

(OP)
Hi is there any way or software that will tell me the number of times a port or ip was accessed and from where. I can either do that on the port level or of a specific ip on the network. Does anyone have an idea? thank you.

RE: Monitoring access

Well, the answer is yes.. to all...
But let's give it a start, the general idea is to use syslog for that.
Syslog is an open thing, so not specific to Cisco. Syslog messages in the Cisco environment can be triggered by a large number of events, not just access
The number of solutions to capture syslog messages are numerous. You can think of screenlogs, databases, Linux/Windows syslog host, Cisco applications like Prime etc etc
So since your question is kind of generic lets use an example.
Very basic:
When you have a switch and put a serial cable into the back you should already see log messages.
You can also store these in a file on the device.
As mentioned syslog messages can also be forwarded to external hosts or applications. This is preferred, as when your device is dead, you also lost your logs, and someone with access to the device can erase their tracks.
You need to read up on syslog in the Cisco environment. Cisco describes all the options in the support documentation per device. These can be found on the Cisco.com site.
Then if you want to take it a step further, there are also access control methodes like TACACS or radius, which control,log and prevent unauthorised access.

RE: Monitoring access

(OP)
telcoguy thanks for the reply. What I need in more details is I have a server connected to a port on the cisco switch. I need to know which ips and what time accessed that server on the switch. You are saying the syslog messages can provide this or do i need to get a monitoring software of some sortS?

RE: Monitoring access

Is it a layer3 switch?
Are the client connections coming from a different subnet?

All the switch sees are either frames (Layer2) or packets (Layer3).
It's not going to have any idea which packets represent a connection, even less of an idea if it's only Layer2.
To log what connections you are getting, you need to be looking at TCP sessions, and It's not very likely the switch can help you with that.
You could get a firewall to do it.

But surely the server event log has a record of this stuff?

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close