SecureCRT Tip: Logging (Poorman’s Audit Log)

SecureCRT is a great terminal program by VanDyke Software. If you’re a network engineer, I highly recommend it over Putty. It comes with a price tag ($99) but I find that the cost is totally worth it. If you’re curious, there is a free 30-day trial so you can check it out for yourself. I call it Putty on drugs.

One of the great features is logging. When you’re in and out of different servers, routers, switches, and anything that you can do damage in, it’s always good to have logging for either a) covering your bacon because you will mistype something at some point (yes, I’ve accidentally removed the wrong ACL and had to drive 40 minutes to the data center to reboot a switch before) and b) it helps with documentation because you will forget to write something down. If you have TACACS+ running, chances are that server is already centrally logging everything so this is moot (or maybe you just want better logs for you).

To setup logging, open up SecureCRT and head to Options > Global Options > General > Default Session > Edit Default Settings… > Terminal > Log File. For backup purposes, I set my log file to reside within my OneDrive so it’s synced. For the file name, I used the name %H-%S-%M%D%Y.log and enabled the options Start log upon connect, Start new log at midnight, and Append to file. This generates file names such as 10.1.1.1-Core1-09202017.log. This makes it easy to track down what device and the date. When you click OK, make sure you apply to all sessions.

Leave a Reply

Your email address will not be published. Required fields are marked *