System Setup and Software Installation Guide for Cisco NCS 1010, IOS XR Releases

PDF

Audit logging and monitoring details

Want to summarize with AI?

Log in

This section provides details about audit logging and monitoring for Cisco NCS 1010, including context for audit concepts, storage notes, monitoring guidance, and configuration procedures.


Use this reference to review implementing audit monitoring.

The following information supports implementing audit monitoring:

  • TThis chapter explains the audit monitoring and logging capabilities available on NCS 1010 and how to configure audit monitoring.

Feature name

Release information

Description

Audit logging and monitoring

Cisco IOS XR 25.3.1

You can enable audit logging and monitoring on the NCS 1010. You can also configure predefined rule groups that allow NCS 1010 to monitor activities, log events, and, when necessary, forward audit logs to a remote syslog server for centralized analysis and incident response. This feature helps enhance security and compliance on your network.

CLI:

These new commands are introduced:

  • linux security audit monitor group-keyword

  • show linux security audit monitor status

  • linux security audit logging syslog

  • logging remote-server-ip vrf remote-server-ip

  • show linux security audit logging syslog