Monitor who logs into Meridian 1 / CS1K

[vtechv]

I would like to capture the source IP of anyone logging into one of our Meridian 1 or CS1K systems via rlogin. I thought this might be an SNMP trap, and it certainly may be, but when I configure an open alarm in 117, I get a message that someone connected and logged in, but I can't see the source IP. Is this possible? If so, can you point me to an NTP, other source of info, or provide guidance please? Thank you in advance,


V

 

[golfdoctor]

Hi vtechv

NTP NN43001-604-05-09 Security Management Fundamentals and NN43001-600 might help.

In call pilot the loggs show the account and IP of who is accessing the voice mail system, just not sure about the IP being identified when accessing the pbx -- however -- I know the account is monitored or identified.


TGD

 

[StanleySteamer]

LD 117
=> prt sel 500

This give you all the system event list (SEL) and show you the IP address of each login request (SEC007).
The 500 represents the default size of the SEL. Yours may different. Try "prt selsize" to check,
I'm not sure if SEC007 is configured to generate an SNMP trap but you could probably change it if it isn't.